summaryrefslogtreecommitdiffstats
path: root/contrib/tcl/tests/safe.test
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/tcl/tests/safe.test')
-rw-r--r--contrib/tcl/tests/safe.test595
1 files changed, 337 insertions, 258 deletions
diff --git a/contrib/tcl/tests/safe.test b/contrib/tcl/tests/safe.test
index 702bf8d..d68424b 100644
--- a/contrib/tcl/tests/safe.test
+++ b/contrib/tcl/tests/safe.test
@@ -1,6 +1,6 @@
# safe.test --
#
-# This file contains a collection of tests for security policies, safe Tcl,
+# This file contains a collection of tests for safe Tcl, packages loading,
# and using safe interpreters. Sourcing this file into tcl runs the tests
# and generates output for errors. No output means no errors were found.
#
@@ -9,10 +9,7 @@
# See the file "license.terms" for information on usage and redistribution
# of this file, and for a DISCLAIMER OF ALL WARRANTIES.
#
-# SCCS: @(#) safe.test 1.13 97/06/24 17:33:22
-
-# NOTE: The tests in this file only pass if you invoke them from the
-# "tests" directory.
+# SCCS: @(#) safe.test 1.31 97/08/14 00:55:56
if {[string compare test [info procs test]] == 1} then {source defs}
@@ -20,305 +17,387 @@ foreach i [interp slaves] {
interp delete $i
}
+# Force actual loading of the safe package
+# because we use un exported (and thus un-autoindexed) APIs
+# in this test result arguments:
+catch {safe::interpConfigure}
+
proc equiv {x} {return $x}
-test safe-1.1 {creating interpreters, should have no aliases} {
+test safe-1.1 {safe::interpConfigure syntax} {
+ list [catch {safe::interpConfigure} msg] $msg;
+} {1 {no value given for parameter "slave" (use -help for full usage) :
+ slave name () name of the slave}}
+
+test safe-1.2 {safe::interpCreate syntax} {
+ list [catch {safe::interpCreate -help} msg] $msg;
+} {1 {Usage information:
+ Var/FlagName Type Value Help
+ ------------ ---- ----- ----
+ ( -help gives this help )
+ ?slave? name () name of the slave (optional)
+ -accessPath list () access path for the slave
+ -noStatics boolflag (false) prevent loading of statically linked pkgs
+ -nestedLoadOk boolflag (false) allow nested loading
+ -deleteHook script () delete hook}}
+
+test safe-1.3 {safe::interpInit syntax} {
+ list [catch {safe::interpInit -noStatics} msg] $msg;
+} {1 {bad value "-noStatics" for parameter
+ slave name () name of the slave}}
+
+
+test safe-2.1 {creating interpreters, should have no aliases} {
interp aliases
} ""
-test safe-1.2 {creating interpreters, should have no aliases} {
- catch {tcl_safeDeleteInterp a}
+test safe-2.2 {creating interpreters, should have no aliases} {
+ catch {safe::interpDelete a}
interp create a
set l [a aliases]
- interp delete a
+ safe::interpDelete a
set l
} ""
-test safe-1.3 {creating safe interpreters, should have no aliases} {
- catch {tcl_safeDeleteInterp a}
+test safe-2.3 {creating safe interpreters, should have no aliases} {
+ catch {safe::interpDelete a}
interp create a -safe
set l [a aliases]
interp delete a
set l
} ""
-test safe-2.1 {calling tcl_SafeInit is safe} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
+test safe-3.1 {calling safe::interpInit is safe} {
+ catch {safe::interpDelete a}
+ interp create a -safe
+ safe::interpInit a
catch {interp eval a exec ls} msg
- tcl_safeDeleteInterp a
+ safe::interpDelete a
set msg
} {invalid command name "exec"}
-test safe-2.2 {calling tcl_safeCreateInterp on trusted interp} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
+test safe-3.2 {calling safe::interpCreate on trusted interp} {
+ catch {safe::interpDelete a}
+ safe::interpCreate a
set l [lsort [a aliases]]
- tcl_safeDeleteInterp a
+ safe::interpDelete a
set l
-} {exit file load source tclPkgUnknown}
-test safe-2.3 {calling tcl_safeCreateInterp on trusted interp} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
+} {exit file load source}
+test safe-3.3 {calling safe::interpCreate on trusted interp} {
+ catch {safe::interpDelete a}
+ safe::interpCreate a
set x [interp eval a {source [file join $tcl_library init.tcl]}]
- tcl_safeDeleteInterp a
+ safe::interpDelete a
set x
} ""
-test safe-2.4 {calling tcl_safeCreateInterp on trusted interp} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
+test safe-3.4 {calling safe::interpCreate on trusted interp} {
+ catch {safe::interpDelete a}
+ safe::interpCreate a
catch {set x \
[interp eval a {source [file join $tcl_library init.tcl]}]} msg
- tcl_safeDeleteInterp a
+ safe::interpDelete a
list $x $msg
} {{} {}}
-test safe-3.1 {tcl_safeDeleteInterp} {
- catch {tcl_safeDeleteInterp a}
+test safe-4.1 {safe::interpDelete} {
+ catch {safe::interpDelete a}
interp create a
- tcl_safeDeleteInterp a
+ safe::interpDelete a
} ""
-test safe-3.2 {tcl_safeDeleteInterp, indirectly} {
- catch {tcl_safeDeleteInterp a}
+test safe-4.2 {safe::interpDelete, indirectly} {
+ catch {safe::interpDelete a}
interp create a
- a alias exit tcl_safeDeleteInterp a
+ a alias exit safe::interpDelete a
a eval exit
} ""
-test safe-3.3 {tcl_safeDeleteInterp, state array} {
- catch {tcl_safeDeleteInterp a}
- set tclSafea(foo) 33
- tcl_safeDeleteInterp a
- catch {set tclSafea(foo)} msg
- set msg
-} {can't read "tclSafea(foo)": no such variable}
-test safe-3.4 {tcl_safeDeleteInterp, state array, indirectly} {
- catch {tcl_safeDeleteInterp a}
- set tclSafea(foo) 33
- tcl_safeCreateInterp a
+test safe-4.3 {safe::interpDelete, state array (not a public api)} {
+ catch {safe::interpDelete a}
+ namespace eval safe {set [InterpStateName a](foo) 33}
+ # not an error anymore to call it if interp is already
+ # deleted, to make trhings smooth if it's called twice...
+ catch {safe::interpDelete a} m1
+ catch {namespace eval safe {set [InterpStateName a](foo)}} m2
+ list $m1 $m2
+} "{}\
+ {can't read \"[safe::InterpStateName a]\": no such variable}"
+
+
+test safe-4.4 {safe::interpDelete, state array, indirectly (not a public api)} {
+ catch {safe::interpDelete a}
+ safe::interpCreate a
+ namespace eval safe {set [InterpStateName a](foo) 33}
a eval exit
- catch {set tclSafea(foo)} msg
- set msg
-} {can't read "tclSafea(foo)": no such variable}
-test safe-3.5 {tcl_safeDeleteInterp} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- catch {tcl_safeCreateInterp a} msg
+ catch {namespace eval safe {set [InterpStateName a](foo)}} msg
+} 1
+
+test safe-4.5 {safe::interpDelete} {
+ catch {safe::interpDelete a}
+ safe::interpCreate a
+ catch {safe::interpCreate a} msg
set msg
} {interpreter named "a" already exists, cannot create}
-test safe-3.6 {tcl_safeDeleteInterp, indirectly} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
+test safe-4.6 {safe::interpDelete, indirectly} {
+ catch {safe::interpDelete a}
+ safe::interpCreate a
a eval exit
} ""
-test safe-3.7 {tcl_safeDeleteInterp, state array} {
- catch {tcl_safeDeleteInterp a}
- set tclSafea(foo) 33
- tcl_safeCreateInterp a
- tcl_safeDeleteInterp a
- catch {set tclSafea(foo)} msg
- set msg
-} {can't read "tclSafea(foo)": no such variable}
-test safe-3.8 {tcl_safeDeleteInterp, state array, indirectly} {
- catch {tcl_safeDeleteInterp a}
- set tclSafea(foo) 33
- tcl_safeCreateInterp a
- a eval exit
- catch {set tclSafea(foo)} msg
- set msg
-} {can't read "tclSafea(foo)": no such variable}
-# For the following tests, we need a policyPath; we assume that the
-# test directory has a subdirectory policies, and we will use that.
+# The following test checks whether the definition of tcl_endOfWord can be
+# obtained from auto_loading.
-# Save old value of tcl_PolicyPath so we can restore it once we are
-# done with this test sequence:
+test safe-5.1 {test auto-loading in safe interpreters} {
+ catch {safe::interpDelete a}
+ safe::interpCreate a
+ set r [catch {interp eval a {tcl_endOfWord "" 0}} msg]
+ safe::interpDelete a
+ list $r $msg
+} {0 -1}
-set my_old_auto_path $auto_path
-lappend auto_path [pwd]
+# test safe interps 'information leak'
+proc SI {} {
+ global I
+ set I [interp create -safe];
+}
+proc DI {} {
+ global I;
+ interp delete $I;
+}
+test safe-6.1 {test safe interpreters knowledge of the world} {
+ SI; set r [lsort [$I eval {info globals}]]; DI; set r
+} {tcl_interactive tcl_patchLevel tcl_platform tcl_version}
+test safe-6.2 {test safe interpreters knowledge of the world} {
+ SI; set r [$I eval {info script}]; DI; set r
+} {}
+test safe-6.3 {test safe interpreters knowledge of the world} {
+ SI; set r [lsort [$I eval {array names tcl_platform}]]; DI; set r
+} {byteOrder platform}
-test safe-4.1 {loading a policy from the main directory} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l [a eval {package require globalPolicy}]
- tcl_safeDeleteInterp a
- set l
-} 1.0
-test safe-4.2 {same, loading into safe interpreter} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l [a eval {package require globalPolicy}]
- tcl_safeDeleteInterp a
- set l
-} 1.0
-test safe-4.3 {loading a policy from a subdirectory} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l [a eval {package require policyA}]
- tcl_safeDeleteInterp a
- set l
+# more test should be added to check that hostname, nameofexecutable,
+# aren't leaking infos, but they still do...
+
+# high level general test
+test safe-7.1 {tests that everything works at high level} {
+ set i [safe::interpCreate];
+ # no error shall occur:
+ # (because the default access_path shall include 1st level sub dirs
+ # so package require in a slave works like in the master)
+ set v [interp eval $i {package require http 1}]
+ # no error shall occur:
+ interp eval $i {http_config};
+ safe::interpDelete $i
+ set v
} 1.0
-test safe-4.4 {loading a policy, unloading, reloading -- clean} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require policyA}]
- tcl_safeDeleteInterp a
- tcl_safeCreateInterp a
- lappend l [a eval {package require policyA}]
- tcl_safeDeleteInterp a
- set l
-} {1.0 1.0}
-test safe-4.5 {loading two policies - prevented} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require policyA}]
- lappend l [catch {a eval {package require policyB}} msg]
- lappend l $msg
- tcl_safeDeleteInterp a
- set l
-} {1.0 1 {security policy policyA already loaded}}
-test safe-4.6 {two interpreters can have different policies} {
- catch {tcl_safeDeleteInterp a}
- catch {tcl_safeDeleteInterp b}
- tcl_safeCreateInterp a
- tcl_safeCreateInterp b
- set l ""
- lappend l [a eval {package require policyA}]
- lappend l [b eval {package require policyB}]
- tcl_safeDeleteInterp a
- tcl_safeDeleteInterp b
- set l
-} {1.0 1.0}
-test safe-4.7 {safe, loading policy, unloading, reloading: clean} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require policyA}]
- tcl_safeDeleteInterp a
- tcl_safeCreateInterp a
- lappend l [a eval {package require policyA}]
- tcl_safeDeleteInterp a
- set l
-} {1.0 1.0}
-test safe-4.8 {safe, loading two policies - prevented} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require policyA}]
- lappend l [catch {a eval {package require policyB}} msg]
- lappend l $msg
- tcl_safeDeleteInterp a
- set l
-} {1.0 1 {security policy policyA already loaded}}
-test safe-4.9 {safe, two interpreters have different policies} {
- catch {tcl_safeDeleteInterp a}
- catch {tcl_safeDeleteInterp b}
- tcl_safeCreateInterp a
- tcl_safeCreateInterp b
- set l ""
- lappend l [a eval {package require policyA}]
- lappend l [b eval {package require policyB}]
- tcl_safeDeleteInterp a
- tcl_safeDeleteInterp b
- set l
-} {1.0 1.0}
-
-test safe-5.1 {unloading runs policy cleanup code} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require policyC}]
- tcl_safeDeleteInterp a
- set l ;# the cleanup side-effects the global variable "l"
-} {1.0 bye}
-
-# For the following tests we need an auto_path that has the policies and
-# packages directories in it.
-
-lappend auto_path [file join [pwd] policies] \
- [file join [pwd] policies packages]
-
-proc findPackage {i n} {
- set l [$i eval {package names}]
- if {[lsearch $l $n] > -1} {
- return 1
+
+test safe-7.2 {tests specific path and interpFind/AddToAccessPath} {
+ set i [safe::interpCreate -nostat -nested -accessPath [list [info library]]];
+ # should not add anything (p0)
+ set token1 [safe::interpAddToAccessPath $i [info library]]
+ # should add as p1
+ set token2 [safe::interpAddToAccessPath $i "/dummy/unixlike/test/path"];
+ # an error shall occur (http is not anymore in the secure 0-level
+ # provided deep path)
+ list $token1 $token2 \
+ [catch {interp eval $i {package require http 1}} msg] $msg \
+ [safe::interpConfigure $i]\
+ [safe::interpDelete $i]
+} "{\$p(:0:)} {\$p(:1:)} 1 {can't find package http 1} {-accessPath {$tcl_library /dummy/unixlike/test/path} -noStatics -nestedLoadOk -deleteHook {}} {}"
+
+
+# test source control on file name
+test safe-8.1 {safe source control on file} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ safe::interpCreate $i;
+ list [catch {$i eval {source}} msg] \
+ $msg \
+ [safe::interpDelete $i] ;
+} {1 {wrong # args: should be "source fileName"} {}}
+
+# test source control on file name
+test safe-8.2 {safe source control on file} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ safe::interpCreate $i;
+ list [catch {$i eval {source}} msg] \
+ $msg \
+ [safe::interpDelete $i] ;
+} {1 {wrong # args: should be "source fileName"} {}}
+
+test safe-8.3 {safe source control on file} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ safe::interpCreate $i;
+ set log {};
+ proc safe-test-log {str} {global log; lappend log $str}
+ set prevlog [safe::setLogCmd];
+ safe::setLogCmd safe-test-log;
+ list [catch {$i eval {source .}} msg] \
+ $msg \
+ $log \
+ [safe::setLogCmd $prevlog; unset log] \
+ [safe::interpDelete $i] ;
+} {1 {permission denied} {{ERROR for slave a : ".": is a directory}} {} {}}
+
+
+test safe-8.4 {safe source control on file} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ safe::interpCreate $i;
+ set log {};
+ proc safe-test-log {str} {global log; lappend log $str}
+ set prevlog [safe::setLogCmd];
+ safe::setLogCmd safe-test-log;
+ list [catch {$i eval {source /abc/def}} msg] \
+ $msg \
+ $log \
+ [safe::setLogCmd $prevlog; unset log] \
+ [safe::interpDelete $i] ;
+} {1 {permission denied} {{ERROR for slave a : "/abc/def": not in access_path}} {} {}}
+
+
+test safe-8.5 {safe source control on file} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ safe::interpCreate $i;
+ set log {};
+ proc safe-test-log {str} {global log; lappend log $str}
+ set prevlog [safe::setLogCmd];
+ safe::setLogCmd safe-test-log;
+ list [catch {$i eval {source [file join [info lib] blah]}} msg] \
+ $msg \
+ $log \
+ [safe::setLogCmd $prevlog; unset log] \
+ [safe::interpDelete $i] ;
+} "1 {blah: must be a *.tcl or tclIndex} {{ERROR for slave a : [file join [info library] blah]:blah: must be a *.tcl or tclIndex}} {} {}"
+
+
+test safe-8.6 {safe source control on file} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ safe::interpCreate $i;
+ set log {};
+ proc safe-test-log {str} {global log; lappend log $str}
+ set prevlog [safe::setLogCmd];
+ safe::setLogCmd safe-test-log;
+ list [catch {$i eval {source [file join [info lib] blah.tcl]}} msg] \
+ $msg \
+ $log \
+ [safe::setLogCmd $prevlog; unset log] \
+ [safe::interpDelete $i] ;
+} "1 {no such file or directory} {{ERROR for slave a : [file join [info library] blah.tcl]:no such file or directory}} {} {}"
+
+
+test safe-8.7 {safe source control on file} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ safe::interpCreate $i;
+ set log {};
+ proc safe-test-log {str} {global log; lappend log $str}
+ set prevlog [safe::setLogCmd];
+ safe::setLogCmd safe-test-log;
+ list [catch {$i eval {source [file join [info lib] xxxxxxxxxxx.tcl]}}\
+ msg] \
+ $msg \
+ $log \
+ [safe::setLogCmd $prevlog; unset log] \
+ [safe::interpDelete $i] ;
+} "1 {xxxxxxxxxxx.tcl: filename too long} {{ERROR for slave a : [file join [info library] xxxxxxxxxxx.tcl]:xxxxxxxxxxx.tcl: filename too long}} {} {}"
+
+test safe-8.8 {safe source forbids -rsrc} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ safe::interpCreate $i;
+ list [catch {$i eval {source -rsrc Init}} msg] \
+ $msg \
+ [safe::interpDelete $i] ;
+} {1 {wrong # args: should be "source fileName"} {}}
+
+
+test safe-9.1 {safe interps' deleteHook} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ set res {}
+ proc testDelHook {args} {
+ global res;
+ # the interp still exists at that point
+ interp eval a {set delete 1}
+ # mark that we've been here (successfully)
+ set res $args;
}
- return 0
-}
+ safe::interpCreate $i -deleteHook "testDelHook arg1 arg2";
+ list [interp eval $i exit] $res
+} {{} {arg1 arg2 a}}
-test safe-6.1 {loading packages still works} {
- catch {tcl_safeDeleteInterp a}
- interp create a
- set l ""
- a eval [list set auto_path $auto_path]
- lappend l [a eval {package require packageA 1.0}]
- lappend l [a eval hoohum]
- lappend l [a eval info proc hoohum]
- tcl_safeDeleteInterp a
- set l
-} {1.0 bazooka hoohum}
-test safe-6.2 {tcl_safeCreateInterp, loading packages} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require packageA 1.0}]
- lappend l [a eval hoohum]
- lappend l [a eval info proc hoohum]
- tcl_safeDeleteInterp a
- set l
-} {1.0 bazooka hoohum}
-test safe-6.3 {policies vs packages} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require policyA}]
- lappend l [a eval {package require packageA}]
- lappend l [findPackage a policyA]
- lappend l [findPackage a packageA]
- lappend l [findPackage a hohum]
- tcl_safeDeleteInterp a
- set l
-} {1.0 1.0 1 1 0}
-test safe-6.4 {policies vs packages} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require policyA}]
- lappend l [a eval {package require packageA}]
- lappend l [findPackage a Tcl]
- lappend l [findPackage a policyA]
- lappend l [findPackage a hohum]
- tcl_safeDeleteInterp a
- set l
-} {1.0 1.0 1 1 0}
-test safe-6.5 {policies vs packages vs policies} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set l ""
- lappend l [a eval {package require policyA}]
- lappend l [a eval {package require packageA}]
- catch {a eval {package require policyB}} msg
- lappend l $msg
- lappend l [findPackage a Tcl]
- lappend l [findPackage a policyA]
- lappend l [findPackage a policyB]
- tcl_safeDeleteInterp a
- set l
-} {1.0 1.0 {security policy policyA already loaded} 1 1 0}
+test safe-9.2 {safe interps' error in deleteHook} {
+ set i "a";
+ catch {safe::interpDelete $i}
+ set res {}
+ proc testDelHook {args} {
+ global res;
+ # the interp still exists at that point
+ interp eval a {set delete 1}
+ # mark that we've been here (successfully)
+ set res $args;
+ # create an exception
+ error "being catched";
+ }
+ set log {};
+ proc safe-test-log {str} {global log; lappend log $str}
+ safe::interpCreate $i -deleteHook "testDelHook arg1 arg2";
+ set prevlog [safe::setLogCmd];
+ safe::setLogCmd safe-test-log;
+ list [safe::interpDelete $i] $res \
+ $log \
+ [safe::setLogCmd $prevlog; unset log];
+} {{} {arg1 arg2 a} {{NOTICE for slave a : About to delete} {ERROR for slave a : Delete hook error (being catched)} {NOTICE for slave a : Deleted}} {}}
-# The following test checks whether the definition of tcl_endOfWord can be
-# obtained from auto_loading.
-test safe-7.1 {test auto-loading in safe interpreters} {
- catch {tcl_safeDeleteInterp a}
- tcl_safeCreateInterp a
- set r [catch {interp eval a {tcl_endOfWord "" 0}} msg]
- tcl_safeDeleteInterp a
- list $r $msg
-} {0 -1}
-# Restore settings to what they were before this file was sourced:
+# features which still need test cases:
+# -nostatics and -nestedloadok which
+# are not easily tested from tclsh, can be
+# tested in wish though (safetk.test)
+# (we'd need a static package)
+# we have Tcltest !
+
+if {[catch {package require Tcltest} msg]} {
+ puts "This application hasn't been compiled with Tcltest"
+ puts "skipping remining safe test that relies on it."
+} else {
-set auto_path $my_old_auto_path
-unset my_old_auto_path
+ # we use the Tcltest package , which has no Safe_Init
-# set auto_path $old_auto_path
-# unset old_auto_path
+test safe-10.1 {testing statics loading} {
+ set i [safe::interpCreate]
+ list \
+ [catch {interp eval $i {load {} Tcltest}} msg] \
+ $msg \
+ [safe::interpDelete $i];
+} {1 {can't use package in a safe interpreter: no Tcltest_SafeInit procedure} {}}
+
+test safe-10.2 {testing statics loading / -nostatics} {
+ set i [safe::interpCreate -nostatics]
+ list \
+ [catch {interp eval $i {load {} Tcltest}} msg] \
+ $msg \
+ [safe::interpDelete $i];
+} {1 {permission denied (static package)} {}}
+
+
+
+test safe-10.3 {testing nested statics loading / no nested by default} {
+ set i [safe::interpCreate]
+ list \
+ [catch {interp eval $i {interp create x; load {} Tcltest x}} msg] \
+ $msg \
+ [safe::interpDelete $i];
+} {1 {permission denied (nested load)} {}}
+
+
+test safe-10.4 {testing nested statics loading / -nestedloadok} {
+ set i [safe::interpCreate -nested]
+ list \
+ [catch {interp eval $i {interp create x; load {} Tcltest x}} msg] \
+ $msg \
+ [safe::interpDelete $i];
+} {1 {can't use package in a safe interpreter: no Tcltest_SafeInit procedure} {}}
+
+
+}
OpenPOWER on IntegriCloud