The two issues you point to before all the code are (1) the best way to run the code, and (2) the best way to get your data in and out of it. However, the code itself suggests that you're also worried about some semblance of isolation. What's the point of that? If the code you're running is not trusted (i.e., you want to prevent access to system resources), that's going to be hard. If you just want to avoid someone accidentally stomping on the rest of your program, that's something else.
I'd use some kind of prolog/epilog wrapper to get data in and out. I think this is fraught with peril, however:
$evaltext .= <<EOT; my \$$k = '$v'; EOT
Even if you're not worried about malicious code, this would be pretty easy to trip up (if $v contains a single quote, for instance). I think "$v =~ s{(\\|\')}{\\$1}g" would be good enough protection (for $v but not for $k), but I'm not sure how much I'd stake on that. It might be safer to use Data::Dumper to serialize each $v and just put some strict limits on a pattern that $k must match.
If you just want some encapsulation to keep the eval from meddling with code it has no business with, I'd recommend a fork into another process. The child won't be able to muck with the parent's data (but beware of open filehandles and sockets and such). If I were writing this, I'd use open with the '-|' mode as in Re^4: Forking problem UPDATED. The child would write out some serialization of the resulting variables, and the parent would read them and make the changes to its local data.
Just to reiterate, if you're trying to avoid some process getting to local files or something, I don't have any suggestion.
In reply to Re: Best of three methods for evaling Perl snippets?
by kyle
in thread Best of three methods for evaling Perl snippets?
by tod222
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |