A long while ago now I published SandboxedSmalltalk and SandboxedSmalltalkTests to public store. This package allowed you to run Smalltalk code that was 'locked in' to a Sandbox and couldn't get out.

The big problem with it, though, was how I'd implemented it. In fact, I had done the dumbest implementation that could possibly work. And when I say dumb - I mean really dumb. I would create parse trees on the method or script I was about to execute, then walk the parse tree checking each step against a policy.

This was slow and error prone. Very slow and very error prone.

Step in a new package, Sandbox - this baby uses the Bytecode of methods and scripts to execute. In fact, it goes one step further and uses the built in Simulation technology that the Debugger and various other Bytecode level services use in the Smalltalk image.

It's a bit like Reinout's TypeInferencer - that also uses the same services to quick spy over Bytecode across the entire system. In short, it's the right approach and it has meant that the new implementation has less code, fewer bugs, more readable and understandable and is actually a great deal faster (well over 100x speed-up).

Enjoy.