Safe
    use Safe;

    $sandbox = Safe->new();             # anonymous sandbox
    $sandbox = Safe->new("PackName");   # in that symbol table

    # Enable or disable opcodes by group or name.
    $sandbox->permit(qw(:base_core));
    $sandbox->permit_only(qw(:base_core :base_loop :base_mem));
    $sandbox->deny("die");

    # like do(), but in the sandbox
    $ok = $sandbox->rdo($filename);

    # like eval(), but in the sandbox
    $ok = $sandbox->reval($code);       # without 'use strict'
    $ok = $sandbox->reval($code, 1);    # with 'use strict'

The Safe module attempts to provide a restricted environment to protect the rest of the program from dangerous operations. It uses two different strategies to do this. Much as an anonymous FTP daemon's use of chroot(2) alters the view of the root of the filesystem, creating a compartment object with Safe->new("PackName") alters that compartment's view of its own namespace. The compartment now sees as its root symbol table (main::) the symbol table that the rest of the program sees as PackName::. What looks like Frobnitz:: on the inside of the compartment is really PackName::Frobnitz:: on the outside. If you don't give an argument to the constructor, a random new package name is selected for you.

The second and more important facility that a Safe compartment provides is a way to limit code that is deemed legal within an eval. You can tweak the allowable opcode set (legal Perl operations) using method calls on your Safe object. Two methods are available to compile code in a Safe compartment: rdo ("restricted do") ...
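
Both strategies can be seen in one short run. The following is an added example, not code from the book: it keeps Safe's default opcode mask, and the names $limit, Frobnitz::count and try_code are illustrative assumptions (PackName comes from the synopsis).

```perl
use strict;
use warnings;
no warnings 'once';
use Safe;

# Compartment rooted at PackName; the opcode mask starts as Safe's default.
my $sandbox = Safe->new("PackName");

# Outside the compartment this variable lives in PackName::.
{ package PackName; our $limit = 10; }

# Run code with reval and report either its value or why it was refused.
sub try_code {
    my ($label, $code) = @_;
    my $value = $sandbox->reval($code);
    if ($@) {
        (my $why = $@) =~ s/ at .*//s;    # drop the file and line detail
        print "$label: refused ($why)\n";
    } else {
        print "$label: ", $value // 'undef', "\n";
    }
}

# 1. Namespace view: inside, PackName:: is main::, so $limit resolves.
try_code('read $limit', '$limit * 2');

# 2. Frobnitz:: on the inside is PackName::Frobnitz:: on the outside.
try_code('set Frobnitz::count', '$Frobnitz::count = 3');
print "outside sees: $PackName::Frobnitz::count\n";

# 3. Opcode mask: system is not in the default permitted set, so the
#    code is rejected when it is compiled and never runs.
try_code('system', 'system("true")');

# 4. die is normally permitted; deny() removes it, as in the synopsis.
$sandbox->deny("die");
try_code('die after deny', 'die "boom\n"');
```

Refused code leaves a message of the form 'system' trapped by operation mask in $@, which is what the caller should check after every reval or rdo.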