Forth Sandbox                                               -*-org-*-

Date: 2011-11-04

A project I think I'll put on a front burner soon is my web-based
Forth programming environment. I've had a prototype[1] online for
several months, and it's already been handy.

Since the purpose is to execute arbitrary code from arbitrary
programmers, security is big concern and should be developed in
parallel with primary functionality. (The interface is currently
secured with HTTP basic authentication, but that will not be
sufficient when made publicly available.)

I have so far identified three technologies I may use to provide
security (probably in combination).

1. wordlists can block access to problematic words within the Forth
   environment.  

2. Plash is a user program that creates a restricted sandbox
   environment and executes a specified program in the sandbos

3. Host the program in an isolated virtual server (VPS).


[1]: <http://papa.sdf.org/papa/cgi-bin/gforth.cgi>