develooper Front page | perl.perl5.porters | Postings from August 2001

Re: [PATCH] put useful info in %INC for files loaded by a hook in @INC

Thread Previous | Thread Next
Nicholas Clark
August 29, 2001 03:14
Re: [PATCH] put useful info in %INC for files loaded by a hook in @INC
Message ID:
On Wed, Aug 29, 2001 at 12:03:35PM +0200, Rafael Garcia-Suarez wrote:
> On 2001.08.28 18:31:17 +0200 Gisle Aas wrote:
> >
> > What is still missing is to make sure pp_require() invokes the hook
> > again when an absolute filename starting with things like
> > "/loader/0x81095c8/" is used.  Currently this bypass the @INC search


would be better, wouldn't it? As that's a URN name and doesn't need to be
a local file. [Have I got my terms correct?]
Better still if we had something instead of "loader" that couldn't be a
valid hostname, as that couldn't clash with anyone's real hostnames?

> > which is quite likely to make the require fail.
> There are other problems.
> First, note that modules that use are properly loaded via
> a hook, because AutoLoader implements a fall-back when it can't find
> the file : it uses require "auto/" (a relative path).

Ah. That's why putting autoloaded modules in a zip file seemed to work just
fine (one of the tests for ex::lib::zip is AutoLoader. Another is SelfLoader)

But these were perl-code only modules.

> Modules that use DynaLoader can't be loaded, because *.so files
> (or equivalent) are not found. To make this work, it's necessary
> to patch DynaLoader in some way. There are many solutions. (One of
> them is to add 'caveat' about this in the docs. I don't like the
> idea of getting binaries from anywhere. They're less portable than
> Perl source.)
> What do people think about this ?

The idea of a remote-loader that pulls binaries from somewhere seems scary.
[I'm envisaging something that pulls the .so to a temporary file and then
dl_open()s that. Or whatever for your OS]
However, I'm not sure security why it's any less scary than "pure perl"
considering that someone wrote a perl 1.5 liner in perl that triggered
the Pentium f00f bug. If someone mails you a JAPH in a .sig, do you run it?

Is binary vs source portability is an issue? Perl is using archnames in the
require path, so it ought to be possible to remote load the correct binary.
The issue then is only have you compiled it?

Nicholas Clark

PS ex::lib::zip 0.03 is waiting an answer to whether PerlIO_apply_layera is
   a public API before it can be released, so it's really released if anyone
   wants to use it to test coderef INC.

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About