This sounds like it could be a great way to introduce PDL to the world easily, but I do worry about the safety issue for whoever hosts it. Then I thought where better to get some answers (and possibly host) than a place with Perl expertise? dotCloud and its resident PerlMonk Tatsuhiko Miyagawa, (who is CC'ed)!
Hi Tatsuhiko, PDL (http://pdl.perl.org) is in the process of finishing a dev cycle and putting together usage book for simultaneous release sometime in the near future. I'm not sure how much of the comment thread is in the email. One of the new things in the release is a shiny new shell (pdl2, the first is a venerable stalwart, but the new one uses Devel::REPL and aims to be a little more friendly). We had thought that it might be fun to have a browser based pdl2 shell running in the page ala http://tryruby.org/levels/1/challenges/0 . I found a ready-to-go browser-based shell wrapper https://github.com/vti/showmetheshell all ready for a plack deployment. Now we are just worried about leaving an open perl shell to the world (yikes!). Do you have any thoughts and might dotCloud be interested in helping (I'm sure we could plug dotCloud copiously along the way)? I haven't asked Chris or any of the higher devs so take this just from me, essentially a PDL mid-level guy, but I think most people wouldn't mind a couple plugs. Thanks for any thoughts you might be able to share either way. Cheers and thanks for all you work on Perl! Joel Berger On Wed, Jan 4, 2012 at 9:21 PM, Joel Berger <[email protected]> wrote: > I was more worried about things like Puneet mentioned. Yeah > permissions would help. I know nothing about Safe.pm and really > nothing about sandboxing, I just knew that I wouldn't want a random > person to be able to open a terminal on my box, root or not. > > On Wed, Jan 4, 2012 at 6:22 PM, David Mertens <[email protected]> > wrote: >> On Wed, Jan 4, 2012 at 5:55 PM, Puneet Kishor <[email protected]> wrote: >>> >>> >>> On Jan 4, 2012, at 5:39 PM, David Mertens wrote: >>> >>> > On Wed, Jan 4, 2012 at 2:32 PM, Puneet Kishor <[email protected]> >>> > wrote: >>> > >>> >> >>> >> On Dec 30, 2011, at 12:08 AM, Joel Berger wrote: >>> >> >>> >>> Although you would probably need to do some sandboxing or else >>> >>> somereworking, you might check out >>> >>> showmetheshell,https://github.com/vti/showmetheshell >>> >>> Its a lightweight, perl-driven, browser based terminal! >>> >>> >>> >>> If you change the line >>> >>> >>> >>> PocketIO->new(instance => Handler->new(cmd => '/bin/bash')); >>> >>> >>> >>> to >>> >>> >>> >>> PocketIO->new(instance => Handler->new(cmd => 'pdl')); >>> >>> >>> >>> The browser terminal starts up with a new pdl prompt and everything. >>> >>> One really just needs to look into the sandboxing at that point. >>> >> >>> >> >>> >> >>> >> Wow, this is a whole bucket of fun. >>> >> >>> >> I really want to make this available to the inquiring, inquisitive >>> >> potential PDLer, but am not sure what to do to sandbox it. I poked >>> >> around >>> >> the docs but didn't see anything mentioned. Any suggestions? I would be >>> >> happy to host this on my machine, at least until things get out of >>> >> hand. >>> >> >>> > >>> > I haven't looked at showmetheshell, but I expect that Joel meant >>> > Safe.pm: >>> > http://perldoc.perl.org/Safe.html >>> > >>> > If you wrap the interpreter in Safe.pm, you could prevent users from >>> > trashing the Perl interpreter that's running the shell. (Again, that may >>> > not even be a problem. I'm not sure. Any comments, Joel?) >>> >>> >>> I will take a look at Safe.pm, but I am concerned about shit like so >>> >>> pdl> $str = "rm /*.*" >>> pdl> system($str) >>> >>> >>> >>> > >>> > David >>> > >>> > -- >>> > Sent via my carrier pigeon. >>> >> >> You might be able to protect yourself from this by running the server under >> a process that can't actually delete any files. It'll be a mild headache >> setting up the permissions for it, but it could be done. But Safe.pm should >> work for this, too. >> >> >> David >> >> -- >> Sent via my carrier pigeon. _______________________________________________ Perldl mailing list [email protected] http://mailman.jach.hawaii.edu/mailman/listinfo/perldl
