in reply to Re^4: parse lisp style config
in thread parse lisp style config

Why not just make your config a perl data structure?

Because parsing Perl in a safe way is hard. You don't want to execute the "rm -rf /" in $config={ foo => `rm -rf /` }.

See also:

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Replies are listed 'Best First'.
Re^6: parse lisp style config
by cavac (Prior) on Dec 05, 2024 at 13:26 UTC

    I agree. You'd basically have to rewrite the perl interpreter so that can run a copy of itself as child process in a sandbox and only return a safe, sanitized hashref. To quote RFC1925:

       (5)  It is always possible to aglutenate multiple separate problems
        into a single complex interdependent solution. In most cases
        this is a bad idea.

    [download]

    With enough software engineering, this is certainly possible, at least to a certain extend, but

       (3)  With sufficient thrust, pigs fly just fine. However, this is
        not necessarily a good idea. It is hard to be sure where they
        are going to land, and it could be dangerous sitting under the
+m
        as they fly overhead.

    [download]

    PerlMonks XP is useless? Not anymore: XPD - Do more with your PerlMonks XP
    Also check out my sisters artwork and my weekly webcomics
[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom