[An Ode to the Granovetter Diagram is a nice intro to the concepts I'm dealing with]

Unfortunately no, that wouldn't work. I haven't fully explained why I'd like to audit perl code so your suggestion is reasonable given the supplied information. I've been spending time learning about Capability system and this is something that would be really useful for that sort of thing.

While I'm not aware of all the term's connotations and requirements the general idea is to end with something with properties like a Trusted Computing Base. This might mean that a set of objects exist in a context where arbitrary perl code is restricted. The specific example I mentioned in the original question isn't even properly testable using current perl technology. For example - I'd have to disallow use of unpack/pack with use of my() and global variables as patterns since those can introduce pP. That's a finer distinction than simply disallowing all use of pack/unpack. Even better would be to allow full use of pack/unpack but just turn off it's memory reading abilities. And this is just one example - there are plenty of other interesting constructs that would need to be pruned away.

It might be possible to use Safe if the object set's source code was continually compiled on each object invocation but you can see how that's really suboptimal. The only reasonable solution for current perl5 technology would be to split the program into separate process spaces (fork/threads/whatever) and do IPC to get object computation. Perhaps POE or something that can manage the details of IPC. But only provides one perl section protection from another - there's no internal protection without using Safe's cudgel, PPI's wobbly blade or my approach's unlocked gate. If there was a reliable way to audit a complete opcode tree then I'd be getting somewhere. Going farther it'd be good to insert assertions into the tree so then things that can only be known at runtime can be tested then.

Anyhow, thanks for the advice. I'll just hope perl6 is powerful enough to make some real magic happen. ;-)

Fun Fun Fun in the Fluffy Chair

In reply to Re^2: Auditing BEGIN blocks? by diotalevi
in thread Auditing BEGIN blocks? by diotalevi

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.