private static void makeSafe( Interp interp ) { Channel chan; // Channel to remove from safe interpreter. interp.hideUnsafeCommands(); interp._isSafe = true; // Unsetting variables : (which should not have been set // in the first place, but...) // No env array in a safe slave. try { interp.UnsetVar( "env", TCL.VarFlag.GLOBAL_ONLY ); } catch ( TclException e ) { } // Remove unsafe parts of tcl_platform try { interp.UnsetVar( "tcl_platform", "os", TCL.VarFlag.GLOBAL_ONLY ); } catch ( TclException e ) { } try { interp.UnsetVar( "tcl_platform", "osVersion", TCL.VarFlag.GLOBAL_ONLY ); } catch ( TclException e ) { } try { interp.UnsetVar( "tcl_platform", "machine", TCL.VarFlag.GLOBAL_ONLY ); } catch ( TclException e ) { } try { interp.UnsetVar( "tcl_platform", "user", TCL.VarFlag.GLOBAL_ONLY ); } catch ( TclException e ) { } // Unset path informations variables // (the only one remaining is [info nameofexecutable]) try { interp.UnsetVar( "tclDefaultLibrary", TCL.VarFlag.GLOBAL_ONLY ); } catch ( TclException e ) { } try { interp.UnsetVar( "tcl_library", TCL.VarFlag.GLOBAL_ONLY ); } catch ( TclException e ) { } try { interp.UnsetVar( "tcl_pkgPath", TCL.VarFlag.GLOBAL_ONLY ); } catch ( TclException e ) { } // Remove the standard channels from the interpreter; safe interpreters // do not ordinarily have access to stdin, stdout and stderr. // // NOTE: These channels are not added to the interpreter by the // Tcl_CreateInterp call, but may be added later, by another I/O // operation. We want to ensure that the interpreter does not have // these channels even if it is being made safe after being used for // some time.. chan = TclIO.GetStdChannel( StdChannel.STDIN ); if ( chan != null ) { TclIO.unregisterChannel( interp, chan ); } chan = TclIO.GetStdChannel( StdChannel.STDOUT ); if ( chan != null ) { TclIO.unregisterChannel( interp, chan ); } chan = TclIO.GetStdChannel( StdChannel.STDERR ); if ( chan != null ) { TclIO.unregisterChannel( interp, chan ); } }