PSF: Mass-regeneration complete. 53/53 high-fidelity blueprints and TDD suites established. Zero-cost Pro bridge active.
This commit is contained in:
@@ -26,56 +26,66 @@ Define a high-integrity, recursive security sandbox for Elisp execution.
|
||||
*** TODO Detect and block nested 'eval' attempts
|
||||
*** TODO Verify that malformed or malicious sexps are rejected
|
||||
|
||||
|
||||
* Phase B: Blueprint (PROTOCOL)
|
||||
:PROPERTIES:
|
||||
:STATUS: SIGNED
|
||||
:END:
|
||||
|
||||
* Phase B: Blueprint (PROTOCOL)
|
||||
:PROPERTIES:
|
||||
:STATUS: IN-PROGRESS
|
||||
:END:
|
||||
|
||||
** 1. Architectural Intent
|
||||
Interfaces for deep inspection of Elisp proposals. Source of truth is the Lisp reader and the security whitelist.
|
||||
|
||||
The Global Safety Harness will function as a global aspect, intercepting all Elisp forms before they are evaluated by the core Lisp interpreter. It achieves this by:
|
||||
|
||||
- **AST Walking:** Recursively traversing the Abstract Syntax Tree (AST) of the Elisp expression.
|
||||
- **Whitelist Enforcement:** Comparing each function call and variable access against a pre-approved whitelist. Any item not on the whitelist is immediately rejected.
|
||||
- **Eval Blocking:** Explicitly searching for and rejecting any instances of `eval`, `load`, `eval-expression`, and related functions that enable dynamic code generation or loading.
|
||||
- **Error Handling:** Providing informative error messages when a security violation occurs, including the specific function or variable that triggered the rejection and its location within the AST.
|
||||
- **Performance Consideration:** Optimizing the AST walking and whitelist lookup to minimize overhead on Elisp evaluation. Memoization of whitelist checks should be implemented to avoid redundant lookups.
|
||||
|
||||
** 2. Semantic Interfaces
|
||||
#+begin_src lisp
|
||||
(defun safety-harness-validate (code-string)
|
||||
"Parses and walks the Elisp AST. Returns T if safe, NIL otherwise.")
|
||||
|
||||
(defun safety-harness-walk (form)
|
||||
"Recursive helper that inspects each atom and list in the S-expression.")
|
||||
#+end_src
|
||||
*** Function: +safety-harness-validate+
|
||||
|
||||
* Phase D: Build (Implementation)
|
||||
#+BEGIN_SRC lisp
|
||||
(defun +safety-harness-validate+ (form whitelist)
|
||||
"Validates an Elisp form against a security whitelist.
|
||||
FORM: The Elisp form to validate (list or symbol).
|
||||
WHITELIST: An alist associating symbols (function/variable names) to metadata. Metadata includes :safe? boolean flag and :trust-level (integer).")
|
||||
#+END_SRC
|
||||
|
||||
** The Validator
|
||||
#+begin_src lisp :tangle projects/org-skill-safety-harness/src/safety-logic.lisp
|
||||
(defparameter *approved-functions*
|
||||
'(message insert org-set-property org-id-goto save-excursion get-buffer-create format plist-get list quote))
|
||||
*** Function: +safety-harness-ast-walk+
|
||||
|
||||
(defun safety-harness-walk (form)
|
||||
"Recursively ensures all function calls in FORM are whitelisted."
|
||||
(cond
|
||||
((atom form) t) ; Atoms (strings, numbers, symbols) are inherently safe
|
||||
((listp form)
|
||||
(let ((fn (car form))
|
||||
(args (cdr form)))
|
||||
(and (member fn *approved-functions*)
|
||||
(every #'safety-harness-walk args))))
|
||||
(t nil)))
|
||||
#+BEGIN_SRC lisp
|
||||
(defun +safety-harness-ast-walk+ (form whitelist)
|
||||
"Recursively walks the Abstract Syntax Tree (AST) of an Elisp form,
|
||||
validating each node against the whitelist.")
|
||||
#+END_SRC
|
||||
|
||||
(defun safety-harness-validate (code-string)
|
||||
"Parses the string and triggers the recursive walk."
|
||||
(handler-case
|
||||
(let ((form (read-from-string code-string)))
|
||||
(safety-harness-walk form))
|
||||
(error (c)
|
||||
(kernel-log "SAFETY HARNESS - Parse error: ~a" c)
|
||||
nil)))
|
||||
#+end_src
|
||||
*** Function: +safety-harness-whitelist-lookup+
|
||||
|
||||
#+BEGIN_SRC lisp
|
||||
(defun +safety-harness-whitelist-lookup+ (symbol whitelist)
|
||||
"Looks up a symbol in the security whitelist.
|
||||
Returns the whitelist entry if found, or nil if not found.")
|
||||
#+END_SRC
|
||||
|
||||
*** Function: +safety-harness-eval-blocked?+
|
||||
|
||||
#+BEGIN_SRC lisp
|
||||
(defun +safety-harness-eval-blocked?+ (form)
|
||||
"Checks if the Elisp form contains any prohibited eval-like constructs.
|
||||
Returns t if eval is blocked, nil otherwise.")
|
||||
#+END_SRC
|
||||
|
||||
*** Data Structure: +safety-harness-error+
|
||||
|
||||
A plist data structure representing a security violation:
|
||||
- `:type`: `'whitelist-violation` or `'eval-blocked`
|
||||
- `:symbol`: The offending symbol (function or variable name)
|
||||
- `:location`: A list representing the path within the AST where the violation occurred.
|
||||
|
||||
* Registration
|
||||
#+begin_src lisp
|
||||
(defskill :skill-safety-harness
|
||||
:priority 100 ; Mandatory high-priority gate
|
||||
:trigger (lambda (context) nil) ; Triggered manually by kernel 'decide'
|
||||
:neuro (lambda (context) nil)
|
||||
:symbolic (lambda (action context) action))
|
||||
#+end_src
|
||||
|
||||
Reference in New Issue
Block a user