The code sent to a pengine is executed in the context of the module
pengine_sandbox and the safety of goals is validated using safe_goal/1
prior to execution. Any pengine has access to the safe predicates
defined in library(sandbox). If a server wishes to extend
the set of predicates, it must:
- Define one or more modules that export the desired additional
predicates.
- Makes this code available to the sandbox using the call below,
assuming that the additional predicates are defined in the Prolog module
file
domain_predicates.pl
:- use_module(pengine_sandbox:domain_predicates).
- Register safe foreign predicates with
library(sandbox),
i.e., predicates that do not have side effects such as accessing the
file system, load foreign extensions, define other predicates outside
the sandbox environment, etc.
Note that the safety of Prolog predicate can typically be proven by library(sandbox).
This may not be the case if untracktable forms of meta-calling are used.
In this case it is adviced to avoid such code. If this is not possible,
the code must be carefully reviewed by hand and of proven to be safe it
may be registered with the sandbox library.
For example, basic RDF access can be granted to pengines using the
code below. Please study the sandboxing code carefully before adding
declarations.
:- use_module(pengine_sandbox:library(semweb/rdf_db)).
:- use_module(library(sandbox)).
:- multifile sandbox:safe_primitive/1.
sandbox:safe_primitive(rdf_db:rdf(_,_,_)).
