Safe

Safe

load Home Page New Index lower 

_________________________________________________________________

NAME
       loadTk - Load Tk into a safe interpreter.

SYNOPSIS
       ::safe::loadTk slave ?-use windowId?
_________________________________________________________________

       Safe  Tk  is based on Safe Tcl, which provides a mechanism
       that allows restricted and mediated access to auto-loading
       and  packages  for  safe  interpreters.   Safe Tk adds the
       ability to configure the interpreter for  safe  Tk  opera-
       tions and load Tk into safe interpreters.

DESCRIPTION
       The  ::safe::loadTk  command initializes the required data
       structures in the named safe interpreter and then loads Tk
       into  it.  The command returns the name of the safe inter-
       preter.  If -use is specified, the  window  identified  by
       the specified system dependent identifier windowId is used
       to contain the ``.''  window of the safe  interpreter;  it
       can  be  any  valid  id,  eventually  referencing a window
       belonging  to  another  application.   Otherwise,  a   new
       toplevel  window  is  created  for the ``.'' window of the
       safe interpreter.  See the SECURITY ISSUES  section  below
       for implementation details.

SECURITY ISSUES
       Please  read  the  safe manual page for Tcl to learn about
       the basic security considerations for Safe Tcl.

       Information  in  the  safe  interpreter  should  never  be
       trusted  for  security purposes.  However, because Tk ini-
       tialization of the safe interpreter do use local  informa-
       tion,  it  is  unsafe  if  the safe interpreter could have
       gained control before Tk is loaded.  This will be fixed in
       an upcoming release, by making Tk initialization in a safe
       interpreter use  only  information  found  in  the  inter-
       preter's  master instead of relying on the (un)safe inter-
       preter state.

       You should therefore use safe::loadTk $slave  as  soon  as
       possible  after  safe::interpCreate and before any code is
       evaluated in the safe interpreter.  The preferred sequence
       is:
              set slave [::safe::loadTk [::safe::interpCreate]]
       If  you  want to prevent safe interpreters from loading Tk
       entirely, you should create the interpreter as follows:
              ::safe::interpCreate -nostatics -accesspath {directories...}
       and you must also insure  that  the  virtual  access  path
       directories   for  the  interpreter  does  not  contain  a

       dynamically loadable version of Tk.

       ::safe::loadTk adds the value of tk_library taken from the
       master  interpreter to the virtual access path of the safe
       interpreter so that auto-loading will  work  in  the  safe
       interpreter.  It also sets env(DISPLAY) in the safe inter-
       preter to the value of env(DISPLAY) in the  master  inter-
       preter,  if  it  exists.  Finally, it sets the slave's Tcl
       variable argv to -use windowId in the safe interpreter.

       When -use is not used, the new toplevel  created  is  spe-
       cially decorated so the user is always aware that the user
       interface presented comes from a potentially  unsafe  code
       and can easily delete the corresponding interpreter.

SEE ALSO
       safe(n) interp(n) library(n) load(n) package(n) 
       source(n) unknown(n) 

KEYWORDS
       alias, auto-loading,  auto_mkindex,  load,  master  inter-
       preter, safe interpreter, slave interpreter, source
load Home Page New Index lower