Larry Wall wrote in perl.perl6.internals : > Do bear in mind that Perl can execute bits of code as it's compiling, > so if a bit of code is untrustworthy, you shouldn't be compiling it > in the first place, unless you've prescanned it to reject C<use>, > C<BEGIN>, and other macro definitions, or (more usefully) have hooks > in the compiler to catch and validate those bits of code before > running them. Doesn't do you much good to disallow > > eval 'system "rm -rf /"'; > > at run time if you don't also catch > > BEGIN { system "rm -rf /"; } > > at compile time...
That's mostly what Perl 5's Safe is doing. Hence my previous comment. The major flaw with this approach is that it's probably not going to prevent eval 'while(1){}' or eval '$x = "take this!" x 1_000_000' or my personal favourite, the always funny eval 'CORE::dump()' unless you set up a very restrictive set of allowed ops. (in each case, you abuse system resources: CPU, memory or ability to send a signal. I don't know how to put restrictions on all of these in the general case...)