Created
April 4, 2012 20:30
```r
f <- function() {
  c <- match.call()
  c[[1]] <- as.name("get")
  c[[2]] <- "get"
  c
  as.function(c(alist(), c))
}
f()()("x")

f <- function() {
  c <- match.call()
  c[[1]] <- as.name("get")
  c[[2]] <- "get"
  body(f) <- c
  f
}
f()()("x")
```
Something doesn't seem quite right with your modified get function:
```
x <- 1
get("x")
->
object 'x' not found
```
On Wed, Apr 4, 2012 at 6:46 PM, Gergely Daróczi ***@***.*** wrote:
> Yes, there were "some" ways of calling `get` not identified by the filtering rules.
> I have improved the filter plus implemented your great idea of running commands in a sandboxed environment just to be sure. I hope the sandbox is getting quite mighty now, I have to think about removing some of the needless (but too restrictive) regexp checks.
> In short: thanks again! And please try to hack my server with the hardened rules.
##
Assistant Professor / Dobelman Family Junior Chair
Department of Statistics / Rice University
http://had.co.nz/
You are right, sorry for the trouble and thanks!
I've pushed a quickfix, and it should work now. But after Easter passed I would really start to (re)work the current approach, which could not lead to such buggy issues. I have some ideas to test before.
I have extended my testfile and it seems that those nasty bugs are gone now.
Besides that I could redesign the filtering mechanism and made it a lot simpler (with a not so neat hack of modifying `formula.character`) which seems to make its job ATM. Your really appreciated feedback is still really welcomed!
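The filter-versus-sandbox point discussed in this thread, as an added example that is not code from the gist or from the server's author: rather than regexp checks on the source text, it walks the parsed expression against an allowlist and then evaluates in an environment whose parent is `emptyenv()`. The allowlist contents and the names `check_calls`, `make_sandbox`, `safe_eval` and `try_eval` are assumptions made for illustration.

```r
# Constructed allowlist (assumption): the only functions untrusted code may call.
allowed <- c("+", "-", "*", "/", "(", "{", "<-", "c", "sum")

# Reject any call whose head is not a plain allowlisted symbol.
check_calls <- function(e) {
  if (is.call(e)) {
    head <- e[[1]]
    if (!is.name(head) || !(as.character(head) %in% allowed))
      stop("call not allowed: ", paste(deparse(head), collapse = " "))
    for (arg in as.list(e)[-1]) check_calls(arg)
  }
  invisible(TRUE)
}

# Environment with emptyenv() as parent: anything outside the allowlist,
# including get, as.name, match.call and as.function, does not resolve here.
make_sandbox <- function() {
  env <- new.env(parent = emptyenv())
  for (nm in allowed) assign(nm, get(nm, envir = baseenv()), envir = env)
  env
}

safe_eval <- function(src) {
  exprs <- parse(text = src)          # parse only, nothing is evaluated yet
  for (e in exprs) check_calls(e)     # first layer: syntax-tree allowlist
  env <- make_sandbox()               # second layer: restricted scope
  out <- NULL
  for (e in exprs) out <- eval(e, env)
  out
}

# Return the value, or the error message if the input was refused.
try_eval <- function(src) {
  tryCatch(safe_eval(src), error = function(e) conditionMessage(e))
}

# Constructed inputs: plain arithmetic, a direct call, and the gist's snippet.
gist_src <- 'f <- function() { c <- match.call(); c[[1]] <- as.name("get")
  c[[2]] <- "get"; as.function(c(alist(), c)) }; f()()("x")'
print(try_eval("x <- c(1, 2, 3); sum(x) * 2"))
print(try_eval('get("x")'))
print(try_eval(gist_src))
```

The tree walk refuses the gist's snippet at the `function` call before anything is evaluated, and the restricted environment is the backstop if the walk ever misses a construct.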