in reply to Is this code secure, can I test it on my machine?

Doing that at the Perl level is impossible, you may defeat some simple attacks but nothing else. Perl is too flexible and in this case, TIMTOWTDI plays against you!

Besides that, there are too many ways to gain complete control of the Perl interpreter: exploiting known bugs, forging XS objects, unpack "p",..., etc.

A better approach would be to do it at the OS level, using some MAC framework such as AppArmor or running the code inside a virtual machine or a container.

Re^2: Is this code secure, can I test it on my machine?
by ikegami (Patriarch) on May 23, 2010 at 19:32 UTC

    Doing that at the Perl level is impossible

    Indeed. This is what Safe does, and it's officially considered to be unable to do its task.

Re^2: Is this code secure, can I test it on my machine?
by szabgab (Priest) on May 23, 2010 at 10:06 UTC
    Clearly, if someone can use XS or otherwise leave perl, that would need to be checked separately. The question then is: how can I locate the places in Perl code that indicate the usage of XS or other non-Perl code?

    What can you do with unpack "p"? Do you have an example?

      What can you do with unpack "p"
      I thought it could be used to write to random locations in the process memory, but actually it can only be used to read from random memory, so it is mostly harmless, forget about it!