DOCSLIB.ORG

Extensible Access Control with Authorization Contracts

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Extensible Access Control with Authorization Contracts Extensible Access Control with Authorization Contracts Scott Moore Christos Dimoulas Robert Bruce Findler Harvard University (USA) Harvard University (USA) Northwestern University (USA) [email protected] [email protected] [email protected] Matthew Flatt Stephen Chong University of Utah (USA) Harvard University (USA) mfl[email protected] [email protected] Abstract For example, Unix file permissions describe which users Existing programming language access control frameworks are allowed to call which operations on a file. The access do not meet the needs of all software components. We propose control mechanism uses file permissions to determine what an expressive framework for implementing access control rights are necessary to call different sensitive operations. Each monitors for components. The basis of the framework is Unix process executes on behalf of a specific user, and a a novel concept: the authority environment. An authority request to call an operation possesses the same rights as environment associates rights with an execution context. The the user of the process that issues the request. Thus, file building blocks of access control monitors in our framework permissions answer the first question, and the rights of the are authorization contracts: software contracts that manage user associated with a process answer the second question. authority environments. We demonstrate the expressiveness Importantly, Unix associates users and processes in two of our framework by implementing a diverse set of existing different ways. By default, a new process runs on behalf access control mechanisms and writing custom access control of the same user as the process that spawned it. But a process monitors for three realistic case studies. can run on behalf of a different user if it runs an executable that has the setuid bit set. When a process invokes a setuid Categories and Subject Descriptors D.3.1 [PROGRAM- executable, the operating system launches a new process MING LANGUAGES]: Formal Definitions and Theory— to run the executable and associates the new process with Semantics; D.2.4 [SOFTWARE ENGINEERING]: Software/ the user that owns the executable, rather than the user that Program Verification—Programming by contract invoked it. Hence, this feature creates services that provide restricted access to resources that an invoking user could not Keywords access control; contracts; authorization logic otherwise access. Similar to operating systems, software components also 1. Introduction need access control mechanisms to prevent unauthorized An access control monitor mediates requests to call sensitive clients from calling sensitive operations while allowing au- operations and allows each call if and only if the request thorized ones to do so. Thus, when responding to a request possesses the necessary rights to call the operation. Broadly to call a sensitive operation, access control mechanisms for speaking, when an access control mechanism is presented components must be able to answer the same two questions: with a call to a sensitive operation, it must be able to answer which rights are necessary for the call and which rights the two questions. First, which rights are required for the call? request possesses. And second, which rights does the request possess? The However, access control needs of components vary, and design of an access control mechanism specifies, implicitly it is impossible to choose a single answer to these questions or explicitly, the answers to these questions. that satisfies all component authors. To make things worse, access control mechanisms for general purpose programming languages have made design choices that are not suitable for all application domains and are typically mutually incom- patible. For example, Java stack inspection [40] determines the rights associated with a call site by walking the stack from the current stack frame. In contrast, object-capability languages (e.g., E [25] and Caja [26]) determine rights by the Appeared in OOPSLA 2016 lexical structure of the program: a code may call operations We have used the framework to implement diverse access on exactly those resources that are reachable from variables control mechanisms: discretionary access control, stack in- in the code’s text. spection, history-based access control, and object-capabilities (§4). We demonstrate the practicality of our approach with In this paper we propose a new, extensible access control three realistic case studies (§5). framework that allows component authors to design access control monitors that suit their needs. The framework sup- 2. Authority Environments ports the design and implementation of many different novel In this section, we introduce authority environments as a and existing access control monitors for software compo- unifying concept for access control. First, we review the nents. Moreover, because different monitors are implemented differences between lexical and dynamic scoping (§2.1). Then using a common framework, different software components we describe the connection between lexical and dynamic within the same application can use different access control scoping and access control (§2.2) and show how we can mechanisms. use scoping in the design of a framework for writing access The framework builds on a novel concept: the authority control monitors (§2.3). Throughout, we use small examples environment. Just as each execution context has a variable in the Racket programming language [16]. environment that maps variable identifiers to values, each ex- ecution context has an authority environment that associates 2.1 Lexical and Dynamic Scoping the context with its rights to call operations. The rights that a The scope of a variable binding is the spatial and temporal call to a sensitive operation possesses are those possessed by part of the program in which it is visible. A common way to the authority environment of the call’s execution context. categorize strategies for assigning scopes to bindings is as By analogy with dynamic and lexical scoping of variable either lexical or dynamic. Earlier work distinguishes between environments, we identify two ways in which an execution the scope of a binding, which describes where the binding context can receive authority: is visible in the program text, and the extent of a binding, 1. dynamically, by inheriting the authority environment of which describes when the binding is visible during execution. the surrounding execution context, and Dynamic scope often refers to bindings that have dynamic 2. lexically, by capturing the authority environment of the extent and “indefinite” scope. Here, we use dynamic scope to execution context where it is defined. refer to bindings that have dynamic extent and lexical scope, Returning to the Unix file system example, a process receives also called “fluid” scope [17, 34, 35]. authority dynamically when it inherits the user of the process Under lexical scoping, a variable refers to the binding that launched it. A process receives authority “lexically” from its closest binder in the textual structure of the program. when it runs a setuid executable. For example, in the Racket expression below, the variable Based on the correspondence with variable scoping, we x in function f refers to the binding in the outer-most let define a framework for designing access control monitors statement. The evaluation of this expression returns 0 since as sets of monitor actions that manipulate authority environ- the inner-most let statement has no effect on the value x ments (§3). We implement our framework as a library for binds within f. Racket [16] without changes to the language’s runtime. We (let ([x 0]) use higher-order contracts [15] to specify where an access (let ([f ( lambda () x)]) control monitor should interpose on a program and how it (let ([x 42]) should manage authority environments. Contracts are exe- (f)))) cutable specifications attached to software components that support separation of concerns by removing defensive checks In a programming language with fluid scoping, program- from code implementing functionality [22–24]. In the same mers can instead associate a binding with the dynamic extent way, our authorization contracts separate the task of access of an expression. That binding is visible to any code that runs control from the program’s functionality. in the dynamic extent of the expression. For example, the The design of this framework presents four major contri- following Racket expression defines a new fluidly-scoped butions: variable x with default value 0. The parameterize expression 1. the introduction of authority environments as a unifying binds x to the value 42 in the dynamic extent of its body. The concept for access control mechanisms (§2), variable x in the body of f refers to the most recent bind- 2. the introduction of context contracts to check and enforce ing rather than the closest one in the program text. Since f properties of execution contexts (§3.1), is invoked within the parameterize expression, the program 3. a novel authorization logic for representing and querying evaluates to 42 instead of 0. authority in authority environments (§3.2), and (let ([x ( make-parameter 0) ]) 4. authorization contracts that specialize context contracts (let ([f ( lambda () (x))]) for managing authority environments and enforcing access ( parameterize ([x 42]) control policies expressed in the logic (§3.3). (f)))) Fluid scoping is a useful programming construct because ( define-monitor users
Load more

Recommended publications
  • Rash: from Reckless Interactions to Reliable Programs
    Rash: From Reckless Interactions to Reliable Programs William Gallard Hatch Matthew Flatt University of Utah University of Utah USA USA [email protected] [email protected] Abstract them along a spectrum of program maturity and scale. Mov- Command languages like the Bourne Shell provide a terse ing code along this scale is often viewed as a transition from syntax for exploratory programming and system interaction. “scripts” to more mature “programs,” and current research Shell users can begin to write programs that automate their aims to improve that transition, especially through grad- tasks by simply copying their interactions verbatim into a ual typing [18, 20]. In this paper, we address a point in the script file. However, command languages usually scale poorly spectrum that precedes even the “script” level of maturity: beyond small scripts, and they can be difficult to integrate command sequences in an interactive shell. into larger programs. General-purpose languages scale well, Different features and aspects of programming languages but are verbose and unwieldy for common interactive actions are well suited to different stages of program maturity. For such as process composition. example, static types are clearly useful for ensuring and We present Rash, a domain-specific command language maintaining software correctness, but types are often seen embedded in Racket. Rash provides a terse and extensible as burdensome or obstructive when writing scripts, so many syntax for interactive system administration and scripting, scripting languages eschew types. Programmers want brevity as well as easy composition of both Racket functions and and even less formality in interactive settings, so read-eval- operating system processes.
    [Show full text]
  • A Reader Framework for Guile for Guile-Reader 0.6.2
    A Reader Framework for Guile for Guile-Reader 0.6.2 Ludovic Court`es Edition 0.6.2 8 March 2017 This file documents Guile-Reader. Copyright c 2005, 2006, 2007, 2008, 2009, 2012, 2015, 2017 Ludovic Court`es Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this manual under the con- ditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this manual into another lan- guage, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the Free Software Foundation. i Table of Contents A Reader Framework for Guile ................ 1 1 Introduction............................... 3 2 Overview .................................. 5 3 Quick Start................................ 7 4 API Reference............................. 9 4.1 Token Readers .............................................. 9 4.1.1 Defining a New Token Reader............................ 9 4.1.2 Token Reader Calling Convention ........................ 9 4.1.3 Invoking a Reader from a Token Reader ................. 10 4.1.4 Token Reader Library .................................. 11 4.1.5 Limitations............................................ 16 4.1.5.1 Token Delimiters .................................
    [Show full text]
  • Foreign-Function Interfaces for Garbage-Collected Programming Languages
    Foreign-Function Interfaces for Garbage-Collected Programming Languages Marcus Crestani Eberhard-Karls-Universitat¨ Tubingen¨ [email protected] Abstract Programs in high-level, garbage-collected programming languages often need to access libraries that are written in other programming languages. A foreign-function interface provides a high-level lan- guage with access to low-level programming languages and negoti- ates between the inside and the outside world by taking care of the High-Level Foreign low-level details. In this paper, I provide an overview of what differ- Programming Function External Code ent kinds of foreign-function interfaces are in use in today’s imple- Language Interface mentations of functional programming languages to help decide on the design of a new foreign-function interface for Scheme 48. I have revised several mechanisms and design ideas and compared them on usability, portability, memory consumption and thread safety. I discuss the garbage-collection related parts of foreign-function in- terfaces using Scheme as the high-level functional language and C as the external language. Figure 1. Foreign-function interface 1. Introduction Programs in functional programming languages often need to ac- This paper reflects my survey, summarizes the results, and presents cess libraries that are written in other programming languages. Scheme 48’s new foreign-function interface, which will replace the Back in 1996, Scheme 48 [10] received its first foreign-function current one in the near future. interface. Over the years, developers connected many external li- braries to Scheme 48 using this foreign-function interface. Many 1.1 Foreign-Function Interfaces other Scheme implementations use a similar foreign-function in- A foreign-function interface provides a high-level programming terface, for example Elk [12], scsh [18], and PLT Scheme’s static language with access to other (usually low-level) programming lan- foreign interface [6].
    [Show full text]
  • Functional Package Management with Guix
    Functional Package Management with Guix Ludovic Courtès Bordeaux, France [email protected] ABSTRACT 1. INTRODUCTION We describe the design and implementation of GNU Guix, a GNU Guix1 is a purely functional package manager for the purely functional package manager designed to support a com- GNU system [20], and in particular GNU/Linux. Pack- plete GNU/Linux distribution. Guix supports transactional age management consists in all the activities that relate upgrades and roll-backs, unprivileged package management, to building packages from source, honoring the build-time per-user profiles, and garbage collection. It builds upon the and run-time dependencies on packages, installing, removing, low-level build and deployment layer of the Nix package man- and upgrading packages in user environments. In addition ager. Guix uses Scheme as its programming interface. In to these standard features, Guix supports transactional up- particular, we devise an embedded domain-specific language grades and roll-backs, unprivileged package management, (EDSL) to describe and compose packages. We demonstrate per-user profiles, and garbage collection. Guix comes with a how it allows us to benefit from the host general-purpose distribution of user-land free software packages. programming language while not compromising on expres- siveness. Second, we show the use of Scheme to write build Guix seeks to empower users in several ways: by offering the programs, leading to a \two-tier" programming system. uncommon features listed above, by providing the tools that allow users to formally correlate a binary package and the Categories and Subject Descriptors \recipes" and source code that led to it|furthering the spirit D.4.5 [Operating Systems]: Reliability; D.4.5 [Operating of the GNU General Public License|, by allowing them to Systems]: System Programs and Utilities; D.1.1 [Software]: customize the distribution, and by lowering the barrier to Applicative (Functional) Programming entry in distribution development.
    [Show full text]
  • A Tractable Scheme Implementation
    LISP AND SYMBOLIC COMPUTATION:An International Journal, 7, 315-335 (1994) © 1994 Kluwer Academic Publishers, Boston. Manufactured in The Netherlands. A Tractable Scheme Implementation RICHARD A. KELSEY [email protected] NEC Research Institute JONATHAN A. REES [email protected] M1T and Cornell University Abstract. Scheme 48 is an implementation of the Scheme programming language constructed with tractability and reliability as its primary design goals. It has the structural properties of large, compiler-based Lisp implementations: it is written entirely in Scheme, is bootstrapped via its compiler, and provides numerous language extensions. It controls the complexity that ordinarily attends such large Lisp implementations through clear articulation of internal modularity and by the exclusion of features, optimizations, and generalizations that are of only marginal value. Keywords: byte-code interpreters, virtual machines, modularity, Scheme, partial evaluation, layered design 1. Introduction Scheme 48 is an implementation of the Scheme programming language constructed with tractability and reliability as its primary design goals. By tractability we mean the ease with which the system can be understood and changed. Although Lisp dialects, including Scheme, are relatively simple languages, implementation tractability is often threatened by the demands of providing high performance and extended functionality. The Scheme 48 project was initiated in order to experiment with techniques for main- taining implementation tractability in the face of countervailing pressures and to find out what tradeoffs were involved in doing so. (The project was originally an experiment to see if a Scheme implementation could be written in a single weekend; the 48 refers to forty-eight hours.) Small Lisp implementations are usually tractable merely by virtue of being small; it is usually possible for an experienced programmer to read and understand the entire source program in a few days.
    [Show full text]
  • The Incomplete Scheme 48 Reference Manual for Release 1.8
    The Incomplete Scheme 48 Reference Manual for release 1.8 Richard Kelsey Jonathan Rees Mike Sperber A line may take us hours, yet if it does not seem a moment’s thought All our stitching and unstitching has been as nought. Yeats Adam’s Curse ii Acknowledgements Thanks to Scheme 48’s users for their suggestions, bug reports, and forbearance. Thanks also to Deborah Tatar for providing the Yeats quotation. iii Contents Contents iv 1 Introduction 1 2 User’s guide 2 2.1 Command line arguments . 2 2.2 Command processor . 3 2.3 Editing . 3 2.4 Performance . 3 2.5 Disassembler . 4 2.6 Module system . 4 2.7 Library . 6 3 Command processor 7 3.1 Current focus value and ## ..................... 7 3.2 Command levels . 8 3.3 Logistical commands . 9 3.4 Module commands . 9 3.5 Debugging commands . 9 3.6 Settings . 11 3.7 Inspection mode . 13 3.8 Command programs . 14 3.9 Building images . 15 3.10 Resource query and control . 15 3.11 Threads . 16 3.12 Quite obscure . 17 4 Module system 18 4.1 Introduction . 18 4.2 The configuration language . 19 4.3 Interfaces . 21 4.4 Macros . 22 4.5 Higher-order modules . 23 4.6 Compiling and linking . 23 iv 4.7 Semantics of configuration mutation . 23 4.8 Command processor support . 24 4.9 Configuration packages . 27 4.10 Discussion . 28 5 Libraries 30 5.1 General utilities . 30 5.2 Pretty-printing . 32 5.3 Bitwise integer operations . 32 5.4 Byte vectors .
    [Show full text]
  • A Universal Scripting Framework Or Lambda: the Ultimate “Little Language”
    A Universal Scripting Framework or Lambda: the ultimate “little language” Olin Shivers MIT AI Lab, Cambridge, Mass. 02139, USA Abstract. The “little languages” approach to systems programming is flawed: inefficient, fragile, error-prone, inexpressive, and difficult to compose. A bet- ter solution is to embed task-specific sublanguages within a powerful, syntac- tically extensible, universal language, such as Scheme. I demonstrate two such embeddings that have been implemented in scsh, a Scheme programming envi- ronment for Unix systems programming. The first embedded language is a high- level process-control notation; the second provides for Awk-like processing. Em- bedding systems in this way is a powerful technique: for example, although the embedded Awk system was implemented with 7% of the code required for the standard C-based Awk, it is significantly more expressive than its C counterpart. 1 Introduction Many programming tools are built around the idea of “little languages”—small inter- preters implementing a programming language that has been tuned to the specifics of some specialised task domain. This approach to systems-building was popularised by Unix, which provides a host of little-language processors. For example, the following Unix language interpreters all support notations tuned for specialised task domains: Task Interpreter regular-expression based string transforms sed pattern-matching awk type-setting nroff/tbl/eqn dependency-directed recompilation make file-system tree-walking find program invocation and composition sh Little languages complement the Unix “toolkit” philosophy—the operating system provides mechanisms for composing little-language based components into larger sys- tems (and, in fact, the principal interface for doing so is itself a little language, the shell).
    [Show full text]
  • [Special-PDF] Olin Shivers Scsh Manual High School
    Olin Shivers Scsh Manual High School Download Olin Shivers Scsh Manual High School Iain Ferguson, Edward Martin and Burt Kaufman. Foreword by Daniel Friedman. "The Schemer's Guide: Second Edition" Schemers Inc, Ft. Lauderdale, FL, 1995. (see EdScheme entry in [2-2]) 330 pages, ISBN 0-9628745-2- 3, $35.95. This book assumes no previous programming experience and is ideal for high school or college students. Olin Shivers’ Acknowledgements to the Scsh Reference Manual: Who should I thank? My so-called “colleagues,” who laugh at me behind my back, all the while becoming famous on my work? My worthless graduate students, whose computer skills appear to be limited to downloading bitmaps off of netnews? 8 May 2006. Olin Shivers, Brian D. Carlstrom, Martin Gasbichler, and Mike Sperber. Around with computers,'' go to med school, and become a radiologist? In Allegro CL 4.1 [SPARC; R1], the rule of thumb is that for less than 24 elements, linear search using alists beats hashing. In Lucid CL 4.0.1 HP 9000-700, the break-even point is at 10 elements. The break-even points vary in other lisps from as low as 4 elements to as high as 100 elements. Scsh is limited to 32-bit platforms but there is a development version against the latest Scheme 48 that works in 64-bit mode. It is free and open-source software released under a BSD license. Features. Scsh includes these notable features: Library support for list, character, and string manipulations; A copy of the 1983-84 high school football, volleyball and basketball schedules.
    [Show full text]
  • Contracts Be Misunderstood (Functional Pearl)
    Oh Lord, Please Don’t Let Contracts Be Misunderstood (Functional Pearl) Christos Dimoulas, Max S. New, Robert Bruce Findler, Matthias Felleisen PLT, USA {chrdimo,maxsnew,robby,matthias}@racket-lang.org Abstract gramming language to not only express logical assertions about Contracts feel misunderstood, especially those with a higher-order their functions but also construct new forms of contracts with soul. While software engineers appreciate contracts as tools for ar- user-defined combinators. Especially in the context of languages ticulating the interface between components, functional program- that shout “domain specific languages” from every roof top—say mers desperately search for their types and meaning, completely Racket—researchers and developers ought to be able to eliminate the problems that plague sophisticated practical applications of forgetting about their pragmatics. 1 This gem presents a novel analysis of contract systems. Applied conventional contract systems. If they put their mind to it, they to the higher-order kind, this analysis reveals their large and clearly could construct linguistic mechanisms that raised the level of ex- unappreciated software engineering potential. Three sample appli- pressiveness and allowed programmers to articulate an unprece- cations illustrate where this kind of exploration may lead. dented detail of precision for a relatively low cost in terms of code. This gem demonstrates how this alternative mind set about con- Categories and Subject Descriptors D.3.3 [Programming Lan- tracts opens new possibilities. It starts with a novel conceptual guages]: Language Constructs and Features analysis of contracts, re-imagining them as an interlocking sys- tem of interposition points, linguistic constructs for contract attach- Keywords Contracts, Specifications, Language design ment, and DSLs for assembling logical assertions from rather sim- ple building blocks (section 2).
    [Show full text]
  • Vladilen Kozin
    Vladilen Kozin Clojure(Script), Racket, Emacs Lisp, TCL, Redex, OMeta, meta-programming Fall’13 Recurse Center (aka Hacker School) alum UK Tier 1 Exceptional Talent visa holder Corporate ladder Dec 2019-now Contracting gigs Jul-Dec 2019 Senior Programmer at All Street Research (London, UK) Building cognitive assistant for investment research in Clojure(Script). Front and back, AI, NLP, and more buzzwords here. Apr-Nov 2017 Senior Programmer at Droit (London, UK) Same as before but with obligatory daily commute. 2015-2017 Programmer/Consultant at Droit (remote and New York, USA) Building an expert system for compliant trading. Sneaking Clojure(Script) into unsuspecting financial giants. On any given day I could be designing DSLs, implementing compilers, parsers, rule-based engines, putting together simple browser-based GUIs and whatever else the startup life would have me do. 2014-2015 Programmer at Yandex (Moscow, Russia). Officially a member of Search Interfaces Development Infrastructure group, but mostly I wrote backend tools for source to source compilation - engines to write your template engines. If I were lucky and did it right frontend developers would get to use my work and take all the credit. 2009-2011 Equity Derivatives & Structured Products Sales at Renaissance Capital (Moscow, Russia). 2007-2009 EM Structured Solutions and Derivatives Sales at Barclays Capital (London, UK). Projects Emacs Lisp Author of multi.el - all things multiple dispatch for Emacs Lisp: type driven dispatch with protocols, ad-hoc polymorphism with multi-methods, pattern-matching and destructuring without noise with multi-patterns, case-dispatch with multi-defuns, benchmarking with multi-benchmarks. Racket Author of tilda an opinionated threading macro with self-documenting hole-markers, clause level keyword options and an implicit escape continuation.
    [Show full text]
  • Laboratory for Computer Science a Scheme Shell
    MASSACHUSETTS INSTITUTE OF TECHNOLOGY Laboratory for Computer Science Personal Information Architecture Note 3 4/94 A Scheme Shell Olin Shivers [email protected] Although robust enough for general use, adventures into the esoteric periphery of the C shell may reveal unexpected quirks. — SunOS 4.1 csh(1) man page, 10/2/89 Prologue Shell programming terrifies me. There is something about writing a sim- ple shell script that is just much, much more unpleasant than writing a simple C program, or a simple COMMON LISP program, or a simple Mips assembler program. Is it trying to remember what the rules are for all the different quotes? Is it having to look up the multi-phased interaction between filename expansion, shell variables, quotation, backslashes and alias expansion? Maybe it’s having to subsequently look up which of the twenty or thirty flags I need for my grep, sed, and awk invocations. Maybe it just gets on my nerves that I have to run two complete programs simply to count the number of files in a directory (ls | wc -l), which seems like several orders of magnitude more cycles than was really needed. Whatever it is, it’s an object lesson in angst. Furthermore, during late- night conversations with office mates and graduate students, I have formed the impression that I am not alone. In late February1, I got embroiled in a multi-way email flamefest about just exactly what it was about Unix that drove me nuts. In the midst of the debate, I did a rash thing. I claimed that it would be easy and so much nicer to do shell programming from Scheme.
    [Show full text]
  • Gauche Users' Reference
    Gauche Users' Reference version 0.9.8 Shiro Kawai ([email protected]) Copyright c 2001-2017 Shiro Kawai ([email protected]) i Table of Contents 1 Introduction :::::::::::::::::::::::::::::::::::::::::::::::::::: 1 1.1 Overview of Gauche:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 1 1.2 Notations :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 2 1.2.1 Entry format:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 2 1.2.2 Names and namespaces ::::::::::::::::::::::::::::::::::::::::::::::::::::::: 4 2 Concepts :::::::::::::::::::::::::::::::::::::::::::::::::::::::: 5 2.1 Standard conformance ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 5 2.2 Multibyte strings ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 10 2.3 Multibyte scripts ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 11 2.4 Case-sensitivity ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 12 2.5 Integrated object system :::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 12 2.6 Module system ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 13 2.7 Compilation :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 14 3 Programming in Gauche ::::::::::::::::::::::::::::::::::::: 15 3.1 Invoking Gosh :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 15 3.2 Interactive development::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 19 3.2.1 Working in REPL::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
    [Show full text]