Security Guards

Before a primitive procedure accesses the filesystem or creates a network connection, it should first consult the current security guard to determine whether such access is allowed for the current thread.

File access is normally preceded by a call to scheme_expand_filename, which accepts flags to indicate the kind of filesystem access needed, so that the security guard is consulted automatically.

An explicit filesystem-access check can be made by calling scheme_security_check_file. Similarly, an explicit network-access check is performed by calling scheme_security_check_network.

15.1  Library Functions

void scheme_security_check_file(const char *who, char *filename, int guards)

Consults the current security manager to determine whether access is allowed to filename. The guards argument should be a bitwise combination of the following:

The filename argument can be NULL (in which case #f is sent to the security manager's procedure), and guards should be SCHEME_GUARD_FILE_EXISTS in that case.

If access is denied, an exception is raised.

void scheme_security_check_network(const char *who, char *host, int portno)

Consults the current security manager to determine whether access is allowed for creating a client connection to host on port number portno. If host is NULL, the security manager is consulted for creating a server at port number portno.

If access is denied, an exception is raised.
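
The check-then-access ordering for scheme_security_check_file, shown as an added example that is not taken from the MzScheme sources. To compile without the runtime it uses stand-ins that are all assumptions: the guard function body and its one-path policy, the value given to SCHEME_GUARD_FILE_READ, the hypothetical file-first-byte primitive, and setjmp/longjmp in place of the raised exception.

```c
#include <setjmp.h>
#include <stdio.h>
#include <string.h>
/* STAND-INS so this compiles without the MzScheme runtime (all assumed):
   the flag value, the exception escape, and the guard with its policy. */
#define SCHEME_GUARD_FILE_READ 0x1
#define ALLOWED_PATH "/tmp/guard-demo.txt"   /* constructed sample path */
static jmp_buf guard_exn;
int opens_attempted = 0;   /* how many times a primitive got as far as fopen */

/* Like the documented function: returns normally when access is allowed,
   never returns when it is denied. */
void scheme_security_check_file(const char *who, char *filename, int guards)
{
  if (filename && guards == SCHEME_GUARD_FILE_READ
      && !strcmp(filename, ALLOWED_PATH))
    return;
  fprintf(stderr, "%s: access denied by security guard\n", who);
  longjmp(guard_exn, 1);
}

/* Hypothetical primitive body: consult the guard first, open the file second. */
static int file_first_byte(char *filename)
{
  FILE *f; int c;
  scheme_security_check_file("file-first-byte", filename, SCHEME_GUARD_FILE_READ);
  opens_attempted++;
  f = fopen(filename, "rb");
  if (!f) return -1;       /* allowed, but missing or unreadable */
  c = fgetc(f);
  fclose(f);
  return c;
}

/* Calls the primitive and catches a denial: -2 means the guard refused. */
int try_first_byte(char *filename)
{
  if (setjmp(guard_exn)) return -2;
  return file_first_byte(filename);
}

int main(void)
{
  char denied[] = "/etc/hostname", allowed[] = ALLOWED_PATH;
  int r = try_first_byte(denied);
  printf("denied:  result %d, opens attempted %d\n", r, opens_attempted);
  r = try_first_byte(allowed);
  printf("allowed: result %d, opens attempted %d\n", r, opens_attempted);
}
```

Because a denial leaves the primitive through a non-local exit, nothing after the check runs, so the counter stays at zero for the refused path.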