Comment on

Replies are listed 'Best First'.
Re^3: Executing code in a string by Aristotle (Chancellor) on Jul 09, 2002 at 20:37 UTC
Specifically, consider using the Safe module to restrict the kinds of things that the external code is allowed to do. For example, the following: `use Safe; my $compartment = new Safe; $compartment->permit_only(':base_core'); my $result = $compartment->reval($foo);` [download] will forbid a great number of operations but leaves enough allowed so that `$foo` could be a configuration file - written in Perl syntax. In that case, the `rdo()` method is also interesting: `my $result = $compartment->rdo($filename);` which is a safe replacement for `my $result = do $filename;` For information about the tags and names you can use in the `permit()` call, see the documentation to the Opcode module. Makeshifts last the longest.	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re^3: Executing code in a string
by Aristotle (Chancellor) on Jul 09, 2002 at 20:37 UTC

use Safe;
my $compartment = new Safe;
$compartment->permit_only(':base_core');
my $result = $compartment->reval($foo);
[download]

$foo

rdo()

my $result = $compartment->rdo($filename);

my $result = do $filename;

permit()

Makeshifts last the longest.