API Reference
Sandboxes.baremodSandboxes.enter_replSandboxes.repl_inSandboxes.sandboxed_eval_exprSandboxes.sandboxify
Sandboxes.baremod — Methodbaremod()Return an anonymous baremodule
Sandboxes.enter_repl — Methodenter_repl(m::Module)Start a sandboxed REPL mode inside baremodule m.
Sandboxes.repl_in — Methodrepl_in(m::Module)Define a REPL that eval's sandboxed code inside the baremodule m.
Sandboxes.sandboxed_eval_expr — Methodsandboxed_eval_expr(m::Module, ex::Expr)Return an expression that, when evaluated, will safely evaluate some transformation of ex in m.
Sandboxes.sandboxify — Methodsandboxify(ex:Expr)Return an expression that, when evaluated in a baremodule, cannot:
- access identifiers in
Core - import other modules
- define new modules (this would allow escape by
evalor.Core) - define macros (this allows escape by returning
:(:Core))
To punch holes in the sandbox, interpolate values into the expression like this:
sandboxify( :( nand(a, b) = $(~)($(&)(a, b)) ) )The above example will return an expression for a function that will internally call ~ and & as defined in the scope you created the expression in, rather than as defined in the sandbox.