Exactly what it says: eval is a code injection attack waiting to happen. If
you actually need it, you get to do your own data sanitization, and you
tell Perl 6 you did so with "use MONKEY-SEE-NO-EVAL;".
On Wed, Jun 13, 2018 at 3:22 PM ToddAndMargo <toddandma...@zoho.com> wrote:
> Hi All,
>
> I am converting a program from Perl5 to Perl 6.
>
> This line
>
> else { eval "$RunSpecific"; }
>
> became this line
>
> else { EVAL "$RunSpecific"; }
>
> And threw this error
>
> $ perl6 -c GetUpdates.pl6
> ===SORRY!=== Error while compiling /home/linuxutil/GetUpdates.pl6
> EVAL is a very dangerous function!!! (use the MONKEY-SEE-NO-EVAL pragma
> to override this error,
> but only if you're VERY sure your data contains no injection attacks)
> at /home/linuxutil/GetUpdates.pl6:6016
> ------> else { EVAL "$RunSpecific"⏏; }
>
>
> Any words of wisdom?
>
>
> Many thanks,
> -T
>
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Serious error.
> All shortcuts have disappeared.
> Screen. Mind. Both are blank.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
--
brandon s allbery kf8nh sine nomine associates
allber...@gmail.com ballb...@sinenomine.net
unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net
