Boo - preventing arbitrary imports
https://stackoverflow.com/questions/8125180
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am currently assessing application scripting language candidates for hosting within a .Net application and have come across Boo. However I am struggling to see from the documentation if there is going to be anyway from preventing the user from importing whatever .Net namespace they want and hence have the ability to do a lot more dangerous things than I hope from the script.
Is there a way to prevent this?
Can I perhaps provide an import macro that overrides the import keyword at the moment?
It sounds from the documentation however like the macros are only searched "When an unknown syntactic structure is encountered". Perhaps import is already a macro in the language as they have used macro for other things such as print but it doesn't say it is.
Solution
Preventing imports isn't going to prevent anyone from accessing namespaces using the full path if the project already references the dll containing those namespace, and System.Core has plenty 'dangerous' things.
Scripting is inherently risky. If like most scripting environments, you leave some form of access to shell (File.Delete(), Process.Start()...) then you're pretty much open to damage, inadvertent or otherwise.
However, it's worth asking on the Boo mailing list, I'm sure someone will have a clever idea...
