note
7stud
<p>You can insert your program's STDIN filehandle into the compartment like this:</p>
<code>
use strict;
use warnings;
use 5.012;
use Safe;
if($ARGV[0]) {
my $code = $ARGV[0];
my $compartment = Safe->new;
my $namespace_name = $compartment->root();
{
no strict;
*{$namespace_name . "::STDIN"} = *main::STDIN;
}
$compartment->deny_only(qw(chdir)); #<----CHECK THIS***
$compartment->reval($code);
if ($@) {
print "Unsafe code detected: $@";
}
}
--output:--
$ $ perl 2.pl '
print "Enter some stdin: ";
my $line = <STDIN>;
print "From STDIN: $line";
'
Enter some stdin: hello
From STDIN: hello
</code><p>
But I can't figure out how to permit_only() what is necessary for the line input operator(<$infile>) to work. I tried permit_only(qw{ print <> }), which produced the error:</p>
<code>
Unknown operator prefix "<>"
</code>
<p>And because perlop says:</pre>
<pre>
<FILEHANDLE> may also be spelled readline(*FILEHANDLE). </pre>
<p>I tried permit_only(qw{ print readline }), but that produced this error:</p>
<code>
Unsafe code detected: 'private value' trapped by operation mask at (eval 5) line 1.
use strict;
use warnings;
use 5.012;
use Safe;
if($ARGV[0]) {
my $code = $ARGV[0];
my $compartment = Safe->new;
my $namespace_name = $compartment->root();
{
no strict;
*{$namespace_name . "::STDIN"} = *main::STDIN;
}
$compartment->permit_only(qw(print readline));
$compartment->reval($code);
if ($@) {
print "Unsafe code detected: $@";
}
}
--output:--
$ perl 2.pl '
print "Enter some stdin: ";
my $line = readline *STDIN;
print "From STDIN: $line";
'
Unsafe code detected: 'private value' trapped by operation mask at (eval 5) line 1.
</code>
1018212
1018212