05:06 <technomancy> does racket have a way to prevent macros from erasing your hard drive, or is it always unsafe to compile an untrusted codebase?

16:35 <samth> technomancy: you can use the usual sandboxing facilities (this is what DrRacket does for automated background compilation). there is not a built-in mechanism to do this for compilation, in part because too much would not work

17:09 <technomancy> samth: so drracket does use a safe mechanism to compile in the background by default?

17:09 <samth> yes

17:09 <samth> as in, it creates a sandbox and calls the compiler explicitly inside of it

17:10 <samth> try `#lang racket (begin-for-syntax (with-output-to-file "/tmp/bar.txt" (lambda () (write 1))))` in DrRacket to see

17:11 <technomancy> cool! and since I remember reading that the LSP server is practically just "headless drracket" is it also true that it's safe to run the LSP server on untrusted code?

17:12 <samth> I do not know the details about how the LSP server handles those issues; I would not assume that the metaphor about "headless drracket" provides much guidance one way or the other

17:13 <technomancy> I understand; it's probably smart to be hesitant to give out security advice without reading carefully thru the code in question =)

17:14 <technomancy> I'm just curious because of how many different language servers I've found that do this unsafely; even opening a file can cause anything to happen with the rust language server, and I usually think of rust people as being more careful and disciplined than most

17:14 <samth> I believe that racket-mode for emacs, which uses substantial libraries from DrRacket, does not use a sandbox, but I could be wrong

17:18 <technomancy> sorry; I got disconnected. did I miss anything?

17:20 <samth> I believe that racket-mode for emacs, which uses substantial libraries from DrRacket, does not use a sandbox, but I could be wrong

17:22 <technomancy> sure, my understanding is that racket-mode is focused around a repl, so I wouldn't really expect there to be any safety guarantees there; you should assume it's going to run the code. LSP is focused around static analysis, and it operates automatically without any prompting other than opening a file, so evaluating untrusted code without a sandbox there is problematic.

17:22 <technomancy> different contexts

17:27 <technomancy> we are planning on adding a capabilities system to the macros in Fennel; we already have all macros sandboxed by default but today if you need to access the disk, you need to disable the sandbox altogether. we want to allow for more fine-grained control; say, this macro should have access to read files in that directory only, etc.

17:27 <technomancy> I figure yall are pretty well-versed in PLT lore; has anyone ever heard of prior art in this area?

19:29 <samth> technomancy: racket-mode really works more like drracket (or an LSP) than a traditional emacs Lisp interface

19:30 <samth> technomancy: the racket sandbox has that kind of fine-grained control but I do not know of any metaprogramming system (including Racket) that makes use of such. the closest analog I can think of is build systems like bazel