>>>>> "Franco" == Franco Bagnoli <[EMAIL PROTECTED]> writes:
Franco> a question to you perl gurus: Do you think that it is possible to "secure" Franco> regular expressions against such things? say, eliminating "system"s and Franco> backticks, or maybe wrapping everything in a "safe world" case? Franco> I'm asking this because in my experience a lot of people (I Franco> mainly refer to mathematicians) would like to adopt the tt2 Franco> language (mainly for generating latex files) as their first Franco> computer language (without knowing perl). But regexp are very Franco> important. And, on the other side, I would like to let them Franco> edit web pages by themselves... Franco> I can close the most evident holes, but an expert's opinion is always Franco> welcome. Just run the regex matching inside a Safe compartment. Safe isn't *perfect*, but it's better than an 80/20 solution. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! _______________________________________________ templates mailing list [EMAIL PROTECTED] http://lists.template-toolkit.org/mailman/listinfo/templates
