Banky has asked for the wisdom of the Perl Monks concerning the following question:
I'm trying to create a CGI application that allows users to Safely eval some types of Perl code. Of course I need the Safe module to only allow a small subset of opcodes that are considered safe and useful for this application.
Here's a test script I've been writing. It basically goes through and finds what opcodes $line needs to execute.
It ex
Thanks a lot,
Banky
It works fine from the command line but when I run it through a browser I get a "The document contains no data" dialog box. If I comment out $cpt->reval($line) this disappears. Any ideas why this might be happening?#!/usr/bin/perl use Opcode; use Safe; my @names = Opcode::opset_to_ops(Opcode::full_opset); my @neededops; use CGI; my $query=CGI::new(); print $query->header(); print "<HTML><BODY>"; foreach $name(@names) { my $cpt; $cpt=undef; $cpt=new Safe; $cpt->share('$name'); my(@ops)=grep { $_ ne $name} @names; $cpt->permit_only(@ops); my $line=q{ print "Opcode: $name\n"; }; $cpt->reval($line); push @neededops, $name if $@; } print "<HR>\n\n@neededops\n"; print "</BODY></HTML>";
Thanks a lot,
Banky
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: use Safe and CGI;
by blue_cowdawg (Monsignor) on May 21, 2001 at 23:50 UTC | |
by Banky (Acolyte) on May 22, 2001 at 07:22 UTC | |
Re: use Safe and CGI;
by no_slogan (Deacon) on May 21, 2001 at 22:55 UTC | |
Re: use Safe and CGI;
by Banky (Acolyte) on May 23, 2001 at 07:12 UTC | |
Re: use Safe and CGI;
by ColtsFoot (Chaplain) on May 22, 2001 at 09:54 UTC | |
by Banky (Acolyte) on May 23, 2001 at 02:10 UTC | |
Re: use Safe and CGI;
by Anonymous Monk on May 15, 2003 at 02:13 UTC |
Back to
Seekers of Perl Wisdom