in reply to Re^2: Passing argument into STDIN inside safe.pm reval
in thread Passing argument into STDIN inside safe.pm reval
printf "%vd \n", $compartment->mask;
...and they are clearly different, which means a compartment allows some default operations that permit_only() must be erasing. Rereading the Safe docs, there is a set of default operations bundled under :default that are allowed. You have to check the Opcode docs to see which operations that :default includes. I'm not sure which ones I erased with permit_only() that are needed to reval() my sample code--but in any case it looks like if you want to use permit_only(), then you probably need a pretty good grasp of perl internals.
I did a bunch of trial and error, and to get permit_only() to work on my sample code, I need all these:
The :default bundle of operations that a compartment allows consists of a bevy of other bundles:$compartment->permit_only(qw( print readline :base_core :base_mem :base_orig) );
:base_core :base_mem :base_loop :base_orig :base_thread
See the Opcode docs for which operations are included in each of those bundles.