I think that you should use the 2nd option, a Perl syntax with some limitations using a Safe compartment.

I have worked a lot with Safe, and created the module Safe::World, where all the resources needed to create an internal representation of a Perl interpreter are implemented over Safe.

Here's a simple example of how to create a compartment that only enables the use of variables, branch (if, elsif, else), loops (while, for), and IO (print, warn, die):

use Safe::World ;

#######
# OPS #
#######

my @OPS_BASICS = qw(
  :base_loop
  rv2sv sassign
  rv2av aassign aelem aelemfast aslice av2arylen
  rv2hv helem hslice each values keys exists delete
  list lslice splice push pop shift unshift reverse
  lineseq nextstate scope enter leave setstate
  rv2cv anoncode prototype
  entersub leavesub leavesublv return method method_named
  leaveeval
) ;

my @OPS_VARIABLES_AND_VALUES = qw(
  :base_mem :base_math
  scalar null stub pushmark const defined undef
  preinc i_preinc predec i_predec postinc i_postinc postdec i_postdec
  int hex oct abs pow multiply i_multiply divide i_divide
  modulo i_modulo add i_add subtract i_subtract
  left_shift right_shift bit_and bit_xor bit_or negate i_negate
  not complement
  lt i_lt gt i_gt le i_le ge i_ge eq i_eq ne i_ne ncmp i_ncmp
  slt sgt sle sge seq sne scmp
  substr stringify length ord chr
  ucfirst lcfirst uc lc quotemeta trans chop schop chomp schomp
  match split qr
  list lslice reverse
  cond_expr flip flop andassign orassign and or xor
  lineseq scope enter leave setstate
  rv2cv
  leaveeval
  gvsv gv gelem
  padsv padav padhv padany
  refgen srefgen ref
) ;

my @OPS_SIMPLE_FUNCTIONS = qw(
  time sort pack unpack
  print warn die
) ;

#########
# WORLD #
#########

my ( $stdout , $stderr ) ;

my $world = Safe::World->new(
  stdout => \$stdout ,
  stderr => \$stderr ,
  flush  => 1 ,
  env    => { %ENV } ,
  no_set_safeworld => 1 ,
) ;

$world->op_permit_only(@OPS_BASICS , @OPS_VARIABLES_AND_VALUES , @OPS_SIMPLE_FUNCTIONS) ;

my @ret = $world->eval('
  $foo = 2**10 ;
  print "FOO: $foo\n" if $foo == 1024 ;
  warn "Just an alert!\n"
') ;

$world->close ;

print ">>> STDOUT <<<\n$stdout\n" ;
print ">>> ERRORS <<<\n$stderr\n" if $stderr ;

One good thing about Safe::World is that if the user uses exit(), die(), any IO output or loads a module, this will exist only inside the Safe::World compartment, making your outside safer. But you will need to play with the operators to enable just what is really needed. Take a look at the module Opcode for the list.

Graciliano M. P.
"Creativity is the expression of the liberty".

20040907 Edit by ysth: readmore tags


In reply to Re: Embedded perl or mini-language translator to perl by gmpassos
in thread Embedded perl or mini-language translator to perl by mp
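
An added example, not from the original post or from Safe::World: it uses the core Safe and Opcode modules to audit an opcode allowlist like the one above against the tags that Opcode.pm sets apart from its default set, then runs a few snippets under that allowlist. The allowlist, the choice of tags to audit against and the sample snippets are assumptions made for the illustration.

```perl
use strict;
use warnings;
use Safe;
use Opcode qw(opset opset_to_ops);

# Constructed allowlist (an assumption, not the post's exact list):
# core tags plus the "simple functions" the post enables by name.
my @ALLOW = qw(:base_core :base_mem :base_loop :base_math gvsv gv
               time sort pack unpack);

# Opcode.pm tags outside :default that an expression language rarely needs.
my @RISKY = qw(:subprocess :filesys_open :filesys_write :ownprocess
               :load :still_to_be_decided :dangerous);

# Return the opcode names that are allowed AND belong to one of the risky tags.
sub risky_ops_in {
    my ($allow, $risky) = @_;
    my %allowed = map { $_ => 1 } opset_to_ops(opset(@$allow));
    my @hit = grep { $allowed{$_} } opset_to_ops(opset(@$risky));
    return sort @hit;
}

# Compile and run one snippet in a fresh compartment; return (value, error).
sub run_restricted {
    my ($code) = @_;
    my $cpt = Safe->new;
    $cpt->permit_only(@ALLOW);          # everything else is masked
    my $value = $cpt->reval($code);     # $@ is set if an op is trapped
    return ($value, $@);
}

my @leaks = risky_ops_in(\@ALLOW, \@RISKY);
print "allowed ops that fall under a risky tag: ",
      (@leaks ? "@leaks" : "none"), "\n";

# Constructed sample snippets: one benign, three that need masked ops.
for my $code ('$foo = 2**10 ; $foo == 1024 ? "ok" : "no"',
              'system("echo hi")',
              'open(FH, "<", "/tmp/example.txt")',
              'require POSIX') {
    my ($value, $err) = run_restricted($code);
    if ($err =~ /'(.+?)' trapped by operation mask/) {
        print "DENIED ($1): $code\n";
    } elsif ($err) {
        print "ERROR: $code\n  $err";
    } else {
        print "OK (", (defined $value ? $value : 'undef'), "): $code\n";
    }
}
```

Any name the audit prints is an op to justify or drop from the allowlist before exposing the compartment to user-supplied code.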
