[ic] Safe use/require idea from PL/Perl

Peter peter at pajamian.dhs.org
Wed Jan 13 04:12:38 UTC 2010


On 13/01/10 09:52, Jon Jensen wrote:
> Folks,
> 
> Imagine if in Safe-contained [calc] and [perl] blocks you could use
> strict and warnings and get the benefit of Perl's help reviewing your
> code! Even better, what if Safe containers still worked in spite of the
> occasional runtime require call. Maybe it's possible, given this note
> about such features in PostgreSQL's PL/Perl language, which uses safe:
> 
> http://people.planetpostgresql.org/andrew/index.php?/archives/55-Another-shot-in-the-arm-for-PLPerl.html
> 
> 
> I don't have time to look at this in details now, but maybe someone does

I wouldn't mind having a look at the referenced patch to see how it's
done.  From the notes they are basically redirecting the require opcode
so that it won't actually load a new module but just die if the module
isn't already loaded.  I have to worry about just how safe this approach
is, though, as there are certainly lots of modules that will be loaded
that we don't want to give safe access to.

What I really want is to be able to write a global sub as a wrapper and
tell safe not to worry about anything that goes on in that sub, that the
sub itself and everything it does is safe.  Perhaps that's already
doable, but I'm not exactly sure how to do it.


Peter




More information about the interchange-users mailing list