Fork me on GitHub
Robert Elliot11:10:47

I’ve been looking at remove-ns and load-file as suggested in for allowing clients to write rules - I’m worried though that this is very insecure, as both load-file and triggering the rules can execute arbitrary code. Anyone solved this already? Using a security manager? (This is the context behind this thread:

Robert Elliot11:10:31

We might define a DSL, would perhaps be a simpler way to make it hot reload without running untrusted code.


@robert511 rules and query constructs can be directly passed in a collection to make a session


It doesn’t have to invoke ns or files at all. So if you could somehow work that in. It’d like be a bit safer. Although the if you use the built in DSL macros there perhaps still could be risk of unsafe code getting in. Not as likely though.


You could also make any sort of DSL layer you wanted and just conform to Clara rule and query structure then pass that to session creation.