https://www.effectiveperlprogramming.com/2011/03/know-the-different-evals/

On Tue, May 30, 2017 at 10:49 AM, Dirk-Willem van Gulik <
di...@webweaving.org> wrote:

>
> On 30 May 2017, at 16:43, John Dunlap <j...@lariat.co> wrote:
>
> How is it a security hole?
>
> ….
>
> > my $ret = eval { $m->...() };
>
>
> Just imagine $m->…() returning something containing a valid Perl
> expression such as "`rm -rf /`;", system("rm -rf /"); or something that
> wires up a shell to a TCP socket.
>
> Dw.
>
>
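
The two forms of `eval` that the linked article distinguishes, as an added example (not code from the thread or the article). `handler` and `failing_handler` are hypothetical stand-ins for the elided `$m->…()` call, and the returned string is a constructed, harmless sample.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Flag that only changes if the returned text is actually executed as code.
our $side_effect = 0;

# Hypothetical handler: returns text that happens to be valid Perl.
sub handler         { return '$main::side_effect = 1; "code ran"' }
# Hypothetical handler that throws, to show what block eval is for.
sub failing_handler { die "handler failed\n" }

# Block eval: the block is compiled once, together with the rest of the
# file. It traps exceptions; the value it returns is plain data.
my $ret = eval { handler() };
print "block eval returned the string: $ret\n";
print "side_effect after block eval:  $side_effect\n";

# Block eval used as try/catch: the trailing 1 marks success, $@ holds
# the error when the block died.
my $ok = eval { failing_handler(); 1 };
print "block eval caught: $@" unless $ok;

# String eval: the string is compiled and executed at run time, so the
# handler's return value now runs as code. This is the form to audit for.
my $ran = eval $ret;
print "string eval returned: $ran\n";
print "side_effect after string eval: $side_effect\n";
```

When reviewing Perl code, `eval` followed by `{` is exception handling, while `eval` followed by a scalar or expression is run-time code execution and needs its input traced back to its source.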
