Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

6. Interacting with the World: Reading a... > The Dangers of read and eval

The Dangers of read and eval

We’ve used both the eval and the read commands in creating a custom Lisp REPL. These commands are very powerful, but also very dangerous. Using them without taking the proper precautions might allow a hacker to attack your software by running malicious commands.

For example, suppose our program needed a function called format-harddrive. This is not a function we would want just any person to have access to, and it could be very dangerous if a hacker somehow tricked our game REPL into calling it.

The game-eval function we created earlier in this chapter has some crude safeguards to prevent a player from entering format-harddrive as a game command. Here’s what happens if we try to run this command in our new game REPL:


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint