Security - Maple Programming Help

Home : Support : Online Help : System : Security : Security/Config

Security

 Config
 retrieve and update the current security settings

 Calling Sequence Config() Config( name1 = val1, name2 = val2, ... )

Parameters

 name1, name2, ... - recognized security setting names val1, val2, ... - boolean names or lists of file specifications, depending on the name; see below

Description

 • This routine is used to update and retrieve the current security settings. Security settings can only be modified when security is disabled. Changes to security settings are lost on restart.
 This routine returns the current security settings (prior to the call) as an expression sequence of equations of the form name = val. Here, name is a recognized security setting name and val is, depending on the name, either a boolean or a list of file specifications.
 If the settings argument is provided, each name = val pair is applied to the current settings, replacing the previous value.
 • Valid names are:

 SECURE_READ_LIST specification list for permitted read operations SECURE_NOREAD_LIST specification list for restricted read operations SECURE_WRITE_LIST specification list for permitted write operations SECURE_NOWRITE_LIST specification list for restricted write operations SECURE_EXTCALL_LIST specification list for permitted external call libraries SECURE_NOEXTCALL_LIST specification list for restricted external call libraries SECURE_SYSCALL_ENABLED Boolean flag for enabling/disabling calls to system and ssystem SECURE_MODE Boolean flag for enabling/disabling security

For any given list of file specifications, if a list item is one of the names SECURE_READ_LIST, SECURE_NOREAD_LIST, SECURE_WRITE_LIST, SECURE_NOWRITE_LIST, SECURE_EXTCALL_LIST, or SECURE_NOEXTCALL_LIST, then the list item is replaced by the current value of that name in the security settings.

 • For an overview of Maple engine security and an explanation of relevant concepts, see the Maple Engine Security help page.

File Specification

 • A file specification is a Maple string with the contents as specified in the File Specification for Maple Engine Security help page.

Examples

 > $\mathrm{Security}:-\mathrm{Config}\left(\right)$
 ${\mathrm{SECURE_READ_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_NOREAD_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_WRITE_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_NOWRITE_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_EXTCALL_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_NOEXTCALL_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_SYSCALL_ENABLED}}{=}{\mathrm{false}}{,}{\mathrm{SECURE_MODE}}{=}{\mathrm{false}}$ (1)
 > $\mathrm{Security}:-\mathrm{Config}\left(\mathrm{SECURE_READ_LIST}=\left["/tmp/*"\right],\mathrm{SECURE_SYSCALL_ENABLED}=\mathrm{true}\right):$
 ${\mathrm{NULL}}$ (2)
 > $\mathrm{Security}:-\mathrm{Config}\left(\mathrm{SECURE_READ_LIST}=\left[\mathrm{SECURE_READ_LIST},"/usr/*"\right]\right):$
 ${\mathrm{NULL}}$ (3)
 > $\mathrm{Security}:-\mathrm{Config}\left(\right)$
 ${\mathrm{SECURE_READ_LIST}}{=}\left[{"/tmp/*"}{,}{"/usr/*"}\right]{,}{\mathrm{SECURE_NOREAD_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_WRITE_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_NOWRITE_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_EXTCALL_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_NOEXTCALL_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_SYSCALL_ENABLED}}{=}{\mathrm{true}}{,}{\mathrm{SECURE_MODE}}{=}{\mathrm{false}}$ (4)
 > $\mathrm{Security}:-\mathrm{Config}\left(\mathrm{SECURE_READ_LIST}=\left["/tmp/*"\right],\mathrm{SECURE_SYSCALL_ENABLED}=\mathrm{true}\right):$
 ${\mathrm{NULL}}$ (5)
 > $\mathrm{Security}:-\mathrm{Config}\left(\right)$
 ${\mathrm{SECURE_READ_LIST}}{=}\left[{"/tmp/*"}\right]{,}{\mathrm{SECURE_NOREAD_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_WRITE_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_NOWRITE_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_EXTCALL_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_NOEXTCALL_LIST}}{=}\left[{}\right]{,}{\mathrm{SECURE_SYSCALL_ENABLED}}{=}{\mathrm{true}}{,}{\mathrm{SECURE_MODE}}{=}{\mathrm{false}}$ (6)