Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number

comment on

( #3333=superdoc: print w/replies, xml ) Need Help??
I have in the past and am considering in the future using the Safe module to provide semi-public access to a local Perl interpreter. I'm familiar with all of the options and opcode groups, and can configure it to be what appears to be completely safe as far as executing untrusted code goes. My questions are these:
  1. The Safe documentation makes it plain and clear that using the module is no guarantee of security/safety in executing untrusted code. Barring any undiscovered bugs/exploits, however, is it for all practical purposes reasonably safe to use it in this fashion? Is there some fundamental flaw in its implementation or are there any known ways of circumventing its protection? I realize there's always the possibility of some hole allowing unauthorized access to certain Perl opcodes, but I'm trying to identify the level of risk involved here.
  2. Is there an easy/common way of addressing the DoS aspect of running untrusted code? With Safe, I can prohibit them from executing stuff I don't want them to execute, but I can't keep them from writing a tight while (1) {} loop and tying up the CPU, or making it so the code never returns. My first thought is to use setpriority to reduce adverse affects, and alarm to catch any code running an inordinate amount of time, but is this safe? What if the evil code modifies $SIG{ALRM}?
I realize this is a risky thing to do, and additional security precautions I'm considering involve chroot and others. Can anyone think of any other caveats?

In reply to Known security issues with by Fastolfe

Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":

  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or or How to display code and escape characters are good places to start.
Log In?

What's my password?
Create A New User
Domain Nodelet?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (4)
As of 2021-08-04 08:59 GMT
Find Nodes?
    Voting Booth?
    My primary motivation for participating at PerlMonks is: (Choices in context)

    Results (41 votes). Check out past polls.