in reply to Safe.pm considered unsafe?

I don't know anyone who uses Safe in a production environment, and I would certainly never do it. Unlike taint mode, it just doesn't get enough attention to trust it.

Replies are listed 'Best First'.
Re^2: Safe.pm considered unsafe?
by The Mad Hatter (Priest) on Dec 30, 2004 at 14:30 UTC
    Unless the PAUSE docs are out of date, it uses it:
    Please make sure all your *.pm files contain a $VERSION variable that conforms to the CPAN rules, i.e. the complete computation of $VERSION must take place on the one first line within the module that assigns to it. You can test if this is the case by running 
      perl -MExtUtils::MakeMaker -le 'print MM->parse_version(shift)' 'fil
+e'

    [download]
    on the filenames in question. The CPAN indexer will run this code within a Safe compartement, so maybe even if the above command succeeds, PAUSE may fail if you're doing file IO or other potentially dangerous things within that line.
[reply]
[d/l]
[select]
Re^2: Safe.pm considered unsafe?
by mckyj57 (Initiate) on Aug 29, 2009 at 18:31 UTC
    Reviving a thread five years old, yeah!

    There have been a lot of people using it in production for a long time. It is a great module as long as you realize it is for protecting users from themselves, i.e. disallowing open() and such. It is not for securing a system.
[reply]

In Section Meditations