POV-Ray : Newsgroups : povray.pov4.discussion.general : Reviving some pov4 discussion : Re: Reviving some pov4 discussion Server Time
1 Oct 2022 09:50:32 EDT (-0400)
  Re: Reviving some pov4 discussion  
From: clipka
Date: 15 Dec 2015 09:30:01
Message: <web.567023a68cd067d5ad6fa18f0@news.povray.org>
scott <sco### [at] scottcom> wrote:
> >> I've got a good scene:
> >>
> >> scene += Cone( {0,0,0},{0,1,0}, 2);
> >> std::remove("some important file");
> >>
> >> Is there any way to limit what damage a compiled C++ program can do?
> >
> > Absolutely.
> >
> > If by "compiled" you really do mean "compiled", it's as easy as
> > permitting only linkage to a tightly controlled set of libraries, of
> > which you know that they can't possibly do any harm (which may require
> > providing a custom runtime library).
>
> That sounds a lot of work, with still a small risk of someone finding a
> loophole to do something bad in their scene.
>
> > If by "compiled" you actually mean "built", i.e. compiled /and/ linked,
> > it's as "easy" as running the program in a virtual machine.
>
> Sounds a lot of work too, so that it's transparent to the casual user
> that the scene is being rendered in a virtual machine.

I didn't say there's any /feasible/ way (nor did I mean to) - just that there
/is/ a way ;)


Post a reply to this message

Copyright 2003-2021 Persistence of Vision Raytracer Pty. Ltd.