Hi Tony,
Tony Belding wrote:
I'm interested in using an off-the-shelf interpreted language as a
user-accessible scripting language for a MUCK. I'm just not sure if I
can find one that does everything I need. The MUCK must be able to call
the interpreter and execute scripts with it, but the interpreter must
also be able to call functions in the MUCK code. And then there's the
security issue that really worries me. . . I have to be able to limit
what the interpreter can execute. I can't have my users running scripts
that access the console, access the filesystem or sockets directly, or
call libraries or other binaries outside the MUCK.
Is this practical? I'm thinking of Ruby or Python for this, if they can
meet the requirements.
I might even consider REXX. . . I remember ARexx from my Amiga days,
and how great it was for string manipulation and application scripting.
However. . . My immediate target platform, Mac OS X, comes with Ruby
and Python but not REXX, so that's a disadvantage.
My final option would be to create my own language interpeter where I
have control over everything that happens. That is what MUCKs have
always done in the past. But the result was always quirky, limited
languages like MUF (Multi-User Forth) which really turn off a lot of
coders. Furthermore, I've never created a language before, and it would
be a lot of extra work for me.
Well, a few remarks here ad the REXX options that would be available to you:
- REXX (there was its 25th anniversary celebrated in 2004) has an object-oriented successor that
still can execute plain REXX code, but is realized as an object-oriented language: Object REXX. It
got originally developed by IBM, after their big customers indicated that they would be interested
in it. In 1997 Object REXX became part of OS/2 Warp 4. IBM sold Object REXX for AIX and Windows.
- In 2004 after negotiations took place with the non-profit Rexx Language Association (RexxLA,
http://www.RexxLA.org), IBM handed the source code of Object REXX over to the RexxLA which created a
free and open source version and distributed it in April 2005 for the first time as Open Object Rexx
(ooRexx) 3.0, cf. <http://www.ooRexx.org>).
- The ooRexx source-code is hosted on Sourceforge and uses the Common Public License (CPL) 1.0 (cf.
<http://www.opensource.org/licenses/cpl1.0.php>\). This means that you can freely use the code, edit
it your way and make it even part of your own (even commercial) product.
- This week a new drop of ooRexx, version 3.1.1, has been released, with binaries built for AIX
(first time that an official ooRexx binary got build for it!), Linux, MacOSX (first time that an
official ooRexx binyry got build for it PPC, Intel), Solaris (Intel, Sparc), and Windows.
[Additional binaries for additional environments can be built using the autoconf tools.]
So ooRexx has been made available for your main target platform for your MUCK application.
- Ad your needs w.r.t. calling functions of your MUCK applicaiton: yes, that is possible (and not
difficult at all).
- Ad your needs w.r.t. security needs of your MUCK application: yes, that is possible (and not
difficult at all):
Because of the history of ooRexx (it was a commercial product to be deployed at large sites,
security was a paramount issue), there is a Security Manager built into ooRexx.
The ooRexx security architecture is quite interesting, easy to use, very flexible as it allows you
to create as many differenct security policy rules as you may wish. The ooRexx security manager will
monitor all potential insecure actions from REXX and ooRexx programs (like accessing the
environment, accessing streams, accessing functions etc.) and inform the policy program about such
intended, possibly secure-threatening operations. The policy program then is able to decide to let
the action through, to execute a secure operation instead without the supervised REXX or ooRexx
program noticing this (!), or stop the execution of the supervised program alltogether.
If you are interested in this and need ideas, help for your MUCK needs, then please post, such that
people over here (ie. the <news:comp.lang.rexx>) can help you out.
- Ad ooRexx in general: it is an easy to learn and easy to use (follows still the original REXX
philosophy to be a "human centric" language!!), fully object-oriented language (influenced by
Smalltalk). There is a small, tutorial-like paper (written for this year's European Conference of
Object-Oriented Programming, ECOOP, workshop named "Revival of Dynamic Languages (RDL)
<http://prog.vub.ac.be/~wdmeuter/RDL06/>", which really gives a brief overview of the history and
the (interesting) features of the ooRexx langauge, entitled "Resurrecting REXX, Introducing Object
Rexx", to enable reflection and discussion of the language and its interesting concepts, cf.:
<http://prog.vub.ac.be/~wdmeuter/RDL06/Flatscher.pdf>\. At the end of the paper there are a few, but
actually quite impressive nutshell examples, demonstrating the ease and power of ooRexx in different
environments.
- Ad prospects of ooRexx: ooRexx is actively being developed and enhanced. The RexxLA has been
organizing a yearly "International Rexx Symposium", the 2007 symposium to probably take place in
Tampa, Florida, USA, from April 29th, 2007, through May 3rd, 2007. Maybe you or your partners may
want to stop by there (the conferences are rather personal, you get to meet everyone in person who
has been actively developing ooRexx and ooRexx applications)? 8-))
Again, if you have any questions, please post them.
Regards,
---rony
P.S.: I have been using ooRexx in classes introducing MIS students to oo-concepts and programming,
such that "enduser-programmer" kind of people can successfully deploy their acquired skills to
automate/remote-control/script Windows, Windows applications, but also Java and Java applications
and applications like OpenOffice/StarOffice possessing Java interfaces. As a matter of fact, such
students become able to create scripts to drive e.g. OpenOffice which run unchanged e.g. on MacOS,
Linux and Windows, which is actually very cost-effective and impressive, if one thinks about it!
