develooper Front page | perl.perl5.porters | Postings from November 2003

Re: [perl #24347] segfault with Safe

Thread Next
From:
Ilya Zakharevich
Date:
November 2, 2003 15:14
Subject:
Re: [perl #24347] segfault with Safe
Message ID:
20031102231405.GA776@math.berkeley.edu
On Sun, Nov 02, 2003 at 10:37:05PM -0000, Rafael Garcia-Suarez wrote:
> > Currently, when an imported subroutine is called from a compartment,
> > it has its %main:: substituted by a dummy hash; thus autoloading and
> > loading modules on the fly (when needed) does not work well.  I want
> > to import a subroutine which continues to operate on its native %main;:.

> Isn't this more or less against Safe's mission statement ?

If so, the statement should be changed.  IIUC, the idea of Safe is to
provide layered security; you determine what minimal level of
capability should be sufficient to run certain code, and do not give
it more capability.

If some code can't be run with the current "mission statement", then
the only alternative is to run it *outside* of Safe compartment, right?
And *this* looks like a real security break.

So if I want to lower the security of compartment by importing a
"fully functional" subroutine, I should be able to do so.  As you saw
it from my example, one *can* do it anyway; then why not make it
convenient too?

[BTW, one should google for "Groups", sorry for omitting this.]

Hope this helps,
Ilya

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About