Larry Wall wrote in perl.perl6.internals:
> Do bear in mind that Perl can execute bits of code as it's compiling,
> so if a bit of code is untrustworthy, you shouldn't be compiling it
> in the first place, unless you've prescanned it to reject C<use>,
> C<BEGIN>, and other macro definitions, or (more usefully) have hooks
> in the compiler to catch and validate those bits of code before
> running them.  Doesn't do you much good to disallow
> 
>     eval 'system "rm -rf /"';
> 
> at run time if you don't also catch
> 
>     BEGIN { system "rm -rf /"; }
> 
> at compile time...

That's mostly what Perl 5's Safe is doing. Hence my previous comment.

The major flaw with this approach is that it's probably not going to
prevent
    eval 'while(1){}'
or
    eval '$x = "take this!" x 1_000_000'
or my personal favourite, the always funny 
    eval 'CORE::dump()'
unless you set up a very restrictive set of allowed ops.

(in each case, you abuse system resources: CPU, memory or ability to
send a signal. I don't know how to put restrictions on all of these
in the general case...)

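An added example, not part of the original thread: it runs constructed snippets through a default Safe compartment in a forked child, showing that the op mask rejects a `BEGIN { system ... }` at compile time while a busy loop is only stopped by a parent-side timeout. The helper name `run_confined` and the sample snippets are assumptions made for illustration.

```perl
use strict;
use warnings;
use Safe;

# Hypothetical helper: evaluate untrusted source under Safe's default op mask
# in a child process, and let the parent enforce a wall-clock limit.
sub run_confined {
    my ($code, $timeout) = @_;
    my $pid = fork();
    die "fork failed: $!" unless defined $pid;

    if ($pid == 0) {
        my $cpt = Safe->new;          # default mask: system, exec, fork etc. are denied
        $cpt->reval($code);           # the mask applies while compiling, so BEGIN is covered
        warn "  child: $@" if $@;
        exit($@ ? 1 : 0);
    }

    # The op mask says nothing about CPU time, so the parent kills on timeout.
    local $SIG{ALRM} = sub { kill 'KILL', $pid };
    alarm $timeout;
    waitpid($pid, 0);
    alarm 0;

    my $status = $?;
    return 'killed by signal ' . ($status & 127) if $status & 127;
    return ($status >> 8) ? 'rejected or died' : 'completed';
}

# Constructed sample inputs (harmless stand-ins for the snippets in the thread).
my @samples = (
    [ 'plain arithmetic'       => '1 + 1' ],
    [ 'system at compile time' => 'BEGIN { system "echo compiled" }' ],
    [ 'large allocation'       => '$x = "take this!" x 1_000_000' ],
    [ 'busy loop'              => 'while (1) {}' ],
);

for my $s (@samples) {
    my ($label, $code) = @$s;
    printf "%-24s %s\n", $label, run_confined($code, 2);
}
```

The timeout covers only the CPU case; capping memory needs an operating-system limit on the child (for example `ulimit -v` in the launching shell), which this example does not set.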