Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: Passing argument into STDIN inside safe.pm reval

by 7stud (Deacon)
on Feb 12, 2013 at 00:12 UTC ( #1018267=note: print w/replies, xml ) Need Help??


in reply to Passing argument into STDIN inside safe.pm reval

You can insert your program's STDIN filehandle into the compartment like this:

use strict; use warnings; use 5.012; use Safe; if($ARGV[0]) { my $code = $ARGV[0]; my $compartment = Safe->new; my $namespace_name = $compartment->root(); { no strict; *{$namespace_name . "::STDIN"} = *main::STDIN; } $compartment->deny_only(qw(chdir)); #<----CHECK THIS*** $compartment->reval($code); if ($@) { print "Unsafe code detected: $@"; } } --output:-- $ $ perl 2.pl ' print "Enter some stdin: "; my $line = <STDIN>; print "From STDIN: $line"; ' Enter some stdin: hello From STDIN: hello

But I can't figure out how to permit_only() what is necessary for the line input operator(<$infile>) to work. I tried permit_only(qw{ print <> }), which produced the error:

Unknown operator prefix "<>"

And because perlop says:

<FILEHANDLE> may also be spelled readline(*FILEHANDLE). 

I tried permit_only(qw{ print readline }), but that produced this error:

Unsafe code detected: 'private value' trapped by operation mask at (ev +al 5) line 1. use strict; use warnings; use 5.012; use Safe; if($ARGV[0]) { my $code = $ARGV[0]; my $compartment = Safe->new; my $namespace_name = $compartment->root(); { no strict; *{$namespace_name . "::STDIN"} = *main::STDIN; } $compartment->permit_only(qw(print readline)); $compartment->reval($code); if ($@) { print "Unsafe code detected: $@"; } } --output:-- $ perl 2.pl ' print "Enter some stdin: "; my $line = readline *STDIN; print "From STDIN: $line"; ' Unsafe code detected: 'private value' trapped by operation mask at (ev +al 5) line 1.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1018267]
help
Chatterbox?
[1nickt]: marioroy Yes, I am using it with MCE, as is Discipulus I believe. I was trying to work out how to make a cpanfile that would be smart enough to know which deps to require.
[1nickt]: See this code. (I expected to simply eval loading threads as a check, but weirdness happened with Perlbrew so it's a grep of -V ...)
[choroba]: Config might be better than grepping -V
[Corion]: Also see Config::V, which is less of that hackery, or that hackery hidden in a module ;)
[1nickt]: The problem was with Perlbrew
[Corion]: Whoops - Config::Perl::V
[1nickt]: I found that when using Perlbrew as recommended, with cpanminus in the system perl lib, such tests were failing to detect the data about the perl that was the install destination.

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (11)
As of 2017-10-18 15:35 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My fridge is mostly full of:

















    Results (249 votes). Check out past polls.

    Notices?