in reply to Safe / @ISA Problem

I'm no expert on Safe but I believe this to be a namespace problem. I played with your code and produced:
use strict; use Safe; my $CODE = << 'END'; package A; sub new { my($class) = @_; print "hi there"; bless { }, $class; } package B; @ISA = qw(ROOT::A); END # If I uncomment this line, everything works. # eval $CODE; my $safe = Safe->new('ROOT'); $safe->reval($CODE); warn "code - $@" if $@; ROOT::B->new(); warn "new - $@" if $@;

Which prints the 'hi there' message. I don't think this is what you want, however. If you are wanting to load code and run it (from packages) then I would keep the package code in separate files and do the loading, run-time evaluation in the Safe compartment.

Now a disclaimer, this is how I do it but I don't know if there are any issues with it. I'd appreciate feedback :). If there is something wrong with this method then I've got some work to do on some of my projects :).

My way is slightly more complex cos I use a factory object to load the modules. Here is a stripped down version with that factory code removed.
use strict; use warnings; use Safe; my $despatch = {}; my $code = sub { my $module = "A"; my $mainmodule = $module . ".pm"; require $mainmodule; import $mainmodule; my $obj = $module->new(); $despatch->{"A"} = $obj; $module = "B"; $obj = $module->new(); $despatch->{"$obj"} = $obj; }; my $compartment = Safe->new('testing'); $compartment->reval(&{$code}()); $compartment->reval( $despatch->{'A'}->test() );
I put your module code in a file, called I also added a method:
package A; sub new { my($class) = @_; print "hi there\n"; bless { }, $class; } sub test { print "In test"; } package B; @ISA = qw(A); 1;
I know theres some useless variables (mainmodule etc) but they were all getting set via object methods and config file values so I left them in place.

All the best and I hope this helps.

Replies are listed 'Best First'.
Re: Re: Safe / @ISA Problem
by rdw (Curate) on Mar 16, 2002 at 11:11 UTC

    Thanks for the reply, but I'm not sure how much of that I'm going to be able to use. You called ROOT::B->new() outside the compartment, which isn't what I want. If you move it back inside reval it doesn't work again.

    Also, in the real app, the untrusted code isn't going to be written by me (that's why it's untrusted :-) and I don't really want it to have to be changed at all. I did have a quick go at modifying the code as it went in, and after it had been evaled (patching up @ISA to include the compartment root) but it still didn't fly. Putting the packages in files isn't really an option either, since I don't want to allow require/use inside, or any access to the filesystem.

    I'm beginning to think that I'm not going to be able to use Safe as-is because of the namespace thing, but I'll have to do something similar myself.

    Have fun,