Re: Using eval for

I've actually already written a node on this here - Sorry, I just wanted to see how merlyn felt when he could do this :-)

On to your specific questions, in addition to chip's excellent comments, the end solution will come down to how much freedom you really want to give to these plug-ins. Another solution which you may want to look at would be to use Safe to limit allowed operations. This module allows the creation of compartments in which unsafe Perl code can be evaluated with a new namespace and operator mask - The advantage that this offers is that the evaluated code can only do what you want it to do and cannot change variables outside its own scope (unless explicitly shared).

perl -e 's&&rob@cowsnet.com.au&&&split/[@.]/&&s&.com.&_&&&print'

Comment on Re: Using eval for

Replies are listed 'Best First'.
Re: Re: Using eval for by SuperCruncher (Pilgrim) on Dec 28, 2001 at 04:25 UTC
The plugins are going to be written by myself only, so 'trust' isn't really a problem - so I don't need to use `Safe`. I read your solution and it was interesting to see another approach. However, it doesn't have the same sort of "modularity" that I'd like: adding another site would require editing of the main source code file (I think!).	[reply]