crazyinsomniac has asked for the wisdom of the Perl Monks concerning the following question:

How safe is

Recently, deciding to do some improvements to RegexLab, I decided Safe be best employed, so I did a quick search on perlmonks and came accross

How to use LWP::Simpe inside a safe compartment? (unresolved - probably need to permit some network opcodes)
use Safe and CGI; (a nice little demo)
The proper use of Safe(lesson: lexicals ain't globals)
How Safe is Safe::? (warranty discussion - not related)
Known security issues with is right on topic, but there is no answer ( and my question is more to the comments of ask ).
Mileage with safe, Perl sandbox, Safe / @ISA Problem

Now I come accross is not safe in which ask says

By returning the right values from the safe compartment it's quite possibly to "break out" of it.
and someone in the cb said the same thing (Safe isn't truly safe), so can somebody explain to me why/how?

Code examples work best.


I am aware of Safe::Hole. I did search perlmonks for previous discussion ask mentions that discuss the insecurity of, but turned up nothing.

Of all the things I've lost, I miss my mind the most.
perl -e "$q=$_;map({chr unpack qq;H*;,$_}split(q;;,q*H*));print;$q/$q;"

Replies are listed 'Best First'.
Re: Is unsafe?
by jlongino (Parson) on May 13, 2002 at 06:14 UTC
    Let me preface this by saying that I've hardly touched In fact, my reply to one of the links you noted was the first and only time I used it. I hope that what I present below is not out of context. As usual, please correct me where necessary.

    From what browsing I've done, doesn't seem to have been improved upon anytime lately. Although my post doesn't answer you questions about being safe or not, it does point out that it may have other problems. I came across this thread between Tim Bunce and Jarkko Hietaniemi from 7-2001:

    TB: Many people who use, or try to use, Safe could get by with the ops pragma
    (which is why I separated the ops filter logic from Safe many moons ago).

    JH: Is this still true in the days of SOAP, XML-RPC and... insert buzzword here?

    TB: Perhaps less so, but Safe is still (from memory) fairly broken/limited in assorted dimensions many of which can't be fixed before perl6 and the others probably need a rewrite (probably to use ithreads).

    This view seems to be mirrored by a few other non-PM search results, but were not from as well-known figures. Unfortunately, they leave us to our own imaginations as to what these dimensions might be.