David Garamond wrote:
> i've been playing with Safe.pm for the past two days, and it's really
> giving me headaches :-) i can't seem to do anything really useful with
> it. the namespace "chroot"-ing makes me unable to use pretty much every
> extension module
i've been playing with Safe.pm for the past two days, and it's really
giving me headaches :-) i can't seem to do anything really useful with
it. the namespace "chroot"-ing makes me unable to use pretty much every
extension modules i want to use. dynamic loading also
David <[EMAIL PROTECTED]> wrote:
> Steve Grazzini wrote:
>>
>> And besides, open() is not particularly easy to
>> override. You'd have to account for all of:
>>
>> open FH, $path;
>> open FH, "> $path";
>> open FH, ">", $path;
>> open FH, ">", \$sstream;
>> open FH, "command |";
>> o
Steve Grazzini wrote:
>
> And besides, open() is not particularly easy to
> override. You'd have to account for all of:
>
> open FH, $path;
> open FH, "> $path";
> open FH, ">", $path;
> open FH, ">", \$sstream;
> open FH, "command |";
> open FH, "| command";
i don't recommand peo
David Garamond <[EMAIL PROTECTED]> wrote:
> david wrote:
>> sub main::open{
>> #-- testing purpose
>> if($_[0] =~ m#^/#){
>> die("Access under / not allowed\n");
>> }else{
>> open(FILE,$_[0]) || die $!;
>> return FILE;
>>
i wonder if there is a way we can do this wrapping with the 'require'
opcode top. i.e., i want to allow the 'require' opcode but trap every
'require' statements through my checking subroutine, which will only
allow certain perl modules to be imported by the untrusted code.
--
dave
David Garam
david wrote:
> sub main::open{
> #-- testing purpose
> if($_[0] =~ m#^/#){
> die("Access under / not allowed\n");
> }else{
> open(FILE,$_[0]) || die $!;
> return FILE;
> }
> }
>
> my $fh = &open('whatever');
oh, i di
David wrote:
>
> i am not aware of any module that masks Perl functions. you can create your
> own though.
>
> sub main::open{
>
> [snip]
perldoc perlsub
[snip]
Overriding Built-in Functions
Many built-in functions may be overridden, though this
should be tried only occas
David Garamond wrote:
> david wrote:
>> i won't say it's broken, it's just that the Safe.pm is not finalized yet
>> and thus will undergo(probably) major changes even in the interface
>> level. example:
>
> thanks for providing the example, david. i&#x
david wrote:
> i won't say it's broken, it's just that the Safe.pm is not finalized yet and
> thus will undergo(probably) major changes even in the interface level.
> example:
thanks for providing the example, david. i've been reading the Safe.pm
and the Opcode d
David Garamond wrote:
> i'm looking for something like a sandbox/compartment (like rexec module
> in python) so that i can be [reasonably] confident running untrusted
> snippets of code from inside the same process.
>
> Safe.pm seems like the perl way of doing it, right?
i'm looking for something like a sandbox/compartment (like rexec module
in python) so that i can be [reasonably] confident running untrusted
snippets of code from inside the same process.
Safe.pm seems like the perl way of doing it, right? however, from what i
skimmed from the posts i got
> dynamic loading or has the Data::Dumper module statically linked into
> it.)
> at file.pl line 2
> Compilation failed in require at file.pl line 2.
> BEGIN failed--compilation aborted at file.pl line 2.
>
> any idea?
I rather think that you have some sort of version skew
Hi,
In general I'm trying to do something like that:
1. create a safe compartment .
2. inherit certain variables/methods and objects to the new compartment.
3. apply few limitations to the compartment.
4. execute code under the new compartment via safe rdo() method which
can execute perl co
purpose of the
Safe.pm - have you tried it? and if so
what are the error's that you are getting?
ciao
drieux
http://www.wetware.com/drieux/pbl/
--
This space left intentionally blank.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
On Thursday, August 22, 2002, at 01:06 , Avi Nehori wrote:
[..]
> did somebody here ever used the safe.pm module?
I presume you mean
http://search.cpan.org/search?mode=all&query=Safe
in particular the version that comes with perl 5.8.0???
eg:
http://search.cpan.org/author/JHI/perl-5.
Hello!
did somebody here ever used the safe.pm module?
please HELP!!!
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hello!
did somebody here ever used the safe.pm module?
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
18 matches
Mail list logo
