On Jan 4, 2012, at 5:39 PM, David Mertens wrote: > On Wed, Jan 4, 2012 at 2:32 PM, Puneet Kishor <[email protected]> wrote: > >> >> On Dec 30, 2011, at 12:08 AM, Joel Berger wrote: >> >>> Although you would probably need to do some sandboxing or else >>> somereworking, you might check out >>> showmetheshell,https://github.com/vti/showmetheshell >>> Its a lightweight, perl-driven, browser based terminal! >>> >>> If you change the line >>> >>> PocketIO->new(instance => Handler->new(cmd => '/bin/bash')); >>> >>> to >>> >>> PocketIO->new(instance => Handler->new(cmd => 'pdl')); >>> >>> The browser terminal starts up with a new pdl prompt and everything. >>> One really just needs to look into the sandboxing at that point. >> >> >> >> Wow, this is a whole bucket of fun. >> >> I really want to make this available to the inquiring, inquisitive >> potential PDLer, but am not sure what to do to sandbox it. I poked around >> the docs but didn't see anything mentioned. Any suggestions? I would be >> happy to host this on my machine, at least until things get out of hand. >> > > I haven't looked at showmetheshell, but I expect that Joel meant Safe.pm: > http://perldoc.perl.org/Safe.html > > If you wrap the interpreter in Safe.pm, you could prevent users from > trashing the Perl interpreter that's running the shell. (Again, that may > not even be a problem. I'm not sure. Any comments, Joel?)
I will take a look at Safe.pm, but I am concerned about shit like so pdl> $str = "rm /*.*" pdl> system($str) > > David > > -- > Sent via my carrier pigeon. _______________________________________________ Perldl mailing list [email protected] http://mailman.jach.hawaii.edu/mailman/listinfo/perldl
