On Wed, 21 Jan 2009, Linda Messerschmidt wrote:
> I have been playing around Pike some more and I was shocked by how
> easy it was to put together the thread basics for my app. I am pretty
> much convinced that this is the way we need to go, especially after my
> previous question turned out so well!
>
> I do have a couple of other questions though.
>
> The easier one:
>
> My app needs to do a timed wait between threads... all I want is for
> one thread to wait a few seconds for a message that may or may not
> arrive from another thread. If the message doesn't show up, I just
> want it to give up rather than sleep forever. I accidentally coded my
> own thread-safe Queue for this before I realized there already was
> one, but both sleep forever if the message doesn't arrive. I looked at
> setting a timeout with alarm() but since Unix signal delivery isn't
> thread-safe, I don't think that will work. The current C++ version
> does this with select().
Pike doesn't utilize pthread_cond_timedwait() yet, but the following
should be a fair approximation as long as you have a live backend thread:
key = mutex->lock();
// ...
while (keep_trying) {
// ...
mixed co = call_out(cond->broadcast, timeout);
cond->wait(key);
timeout = remove_call_out(co);
if (zero_type(timeout)) {
// The timeout triggered.
}
// ...
}
> I'm pretty sure I can find a way to do the equivalent in Pike, but is
> there an easy/standard way?
>
> The harder one:
>
> compile_string() will let me let the user do whatever they want, which
> is absolutely the goal but this is just supposed to be a control
> language for our modeler, so there's no reason to allow extra
> functionality. At first I thought I could just pull the library
> modules I didn't want them to have, but then I realized that I'd need
> stuff that for the core of the app.
>
> I don't expect actual maliciousness, but I would like to do what I can
> to protect the system from catastrophic user error and casual
> prodding. I don't want to have to clean up if somebody tries to open
> a Gtk debug window in a loop that winds up getting called a few
> hundred thousand times. :)
>
> Mainly I want to stop them from writing files, creating threads, or
> using any windowing/graphical stuff. Is there any way, however crazy,
> to "taint" parts of the program, or put them in a sandbox, and prevent
> them from accessing stuff I designate off-limits? Is this where that
> "master" stuff I saw in the discussion archives comes in? Or is it
> just not possible?
Providing a subset of the module namespace to the programs being compiled
is usually done by using a custom CompilationHandler object.
See
http://pike.ida.liu.se/generated/manual/modref/ex/predef_3A_3A/CompilationHandler.html
for details.
You can also hide/overload some global symbols by using add_constant().
> Thanks again for any suggestions!
>
> -LM
--
Henrik Grubbström <grubba[at]roxen.com>
Roxen Internet Software AB
|