This module can be loaded alongside library(pengines) to allow for
calling remote pengines from a sandboxed environment. This is disallowed
by default because one of the use-cases of sandboxed pengines is to
provide a generic application interface. In such cases you do not want
the application to act as a proxy, in particular not to other systems in
a protected network.
- sandbox:safe_primitive(+Goal) is semidet[multifile]
- Declare the core pengine operations as safe. If we are talking
about local pengines, their safety is guaranteed by the
sandboxing done for all pengines.
- To be done
- - If at some point we allow for `unsafe' pengines, we must
- sandbox:safe_meta(+Goal, -Called) is semidet[multifile]
- Declare the pengine meta-predicates as safe. Note that the
pengine calling predicates are safe because the safety is
guaranteed by the recieving pengine.