Perl-Sensitive Sunglasses | |
PerlMonks |
Safe module security and emebeded perlby gildir (Pilgrim) |
on Oct 23, 2001 at 15:08 UTC ( [id://120747]=perlquestion: print w/replies, xml ) | Need Help?? |
gildir has asked for the wisdom of the Perl Monks concerning the following question:
Fellow monks,
I want to use module Safe to restrict emebeded perl code to only 'reasonable' set of operations. This emebeded code is a part of XML templating system that was private, but now I want to give users a chance to modify their templates. But as the whole system runs in mod_perl with persistent DB connections, I do not want users to be able to access that DB connection or any other resources on server system. I here the question: What opcodes could be reasonable to permit in such a circumstances? Just now I have qw(:base_core :base_mem :base_loop print sprintf refgen padany gv) set, but I'm not sure especialy with 'padany' and 'gv' opcodes. I had to include them to allow things like my $foo; and use of $_ in templates. Is there any security risk when permiting them? print operation is used for generating output, so it is needed. I have selected tied filehandle that collects output. That should be OK as far as I do not overlook something. refgen is also needed, because I pre-compile templates with and then runs it (outside compartment) with &$code. Is there some security risk in this setup? Thanks for any help or comments.
Back to
Seekers of Perl Wisdom
|
|