From qd1qupwe.hs2@20minutemail.com

  Hello.
My project grow constantly and now I need in a new feature. It seems there is no way to chroot packages (new pkgroot operator?) now and code execution in do/eval can modify global vars.

Current state​:

our $conf = {x => 1};
eval '$main​::conf = { y => 2}'; # sandbox ? - no, it isn't
print %$conf;

# result
y2

# pkgroot example1 ; simple way
our $conf = {x => 1}; # $main​::conf
pkgroot "MySandBox"; # any code in do/eval now refer to *MySandBox
eval '$conf = {y => 2}'; # $MySandBox​::main​::conf
pkgroot 0; # call with false value - now any code in do/eval work as usual
print "first​:", %$conf , "\n";
print "second​:", %${MySandBox​::main​::conf},"\n";
print "third​:", %${MySandBox​::conf},"\n"; # same as previous

# result
first​: x1
second​: y2
third​: y2

# pkgroot example2 ; advanced way with local operator
BEGIN{
  our $conf = {x => 1}; # $main​::conf
  $_ = "MySandBox";
  local pkgroot; # localized to scope-only; no-arg call use $_
  sub test{ $main​::conf = {y=>2}; }; # declaration MySandBox​::test sub that modify $MySandBox​::main​::conf var
}
print "first​:", %$conf , "\n";
MySandBox​::test(); # modify $MySandBox​::main​::conf, not $main​::conf
print "second​:", %${MySandBox​::main​::conf},"\n";

# result
first​: x1
second​: y2

So, first questioin​: Is that possible to implement that?

Excuse me if there is a wrong place to request features. Please point me where I can find true perl-hackers.

Thank You.

From @tonycoz

On Mon Feb 02 00​:13​:59 2015, qd1qupwe.hs2@​20minutemail.com wrote​:

Hello.
My project grow constantly and now I need in a new feature. It seems
there is no way to chroot packages (new pkgroot operator?) now and
code execution in do/eval can modify global vars.

Have you looked at the Safe module?

NAME
  Safe - Compile and execute code in restricted compartments

However, note the warning​:

WARNING
  The authors make no warranty, implied or otherwise, about the
  suitability of this software for safety or security purposes.

Tony

The RT System itself - Status changed from 'new' to 'open'

From qd1qupwe.hs2@20minutemail.com

On Mon Feb 02 14​:38​:35 2015, tonyc wrote​:

Have you looked at the Safe module?

NAME
Safe - Compile and execute code in restricted compartments

However, note the warning​:

WARNING
The authors make no warranty, implied or otherwise, about the
suitability of this software for safety or security purposes.

Tony

Hello.
Thank for Your reply, Tony. I've tried Safe, it is good one. But open bugs..
And for example, in my small test I got unexpected result​:

#!perl

package ASD;
our $X = {z => 1};

use Data​::Dumper;
use Safe;

our $X = {x => 1};

{
  my $root = new Safe 'ASD';
  $root->reval('$X = {y => 1}; sub x{return "aaa"}; x();'); $@​ && die $@​;
  print Dumper( ${ASD​::X} ),"\n";
  print Dumper( ${main​::X} ),"\n";
}

print ASD​::x(),"\n";

# result

$VAR1 = {
  'y' => 1
  };

$VAR1 = undef;

aaa

I.E. print Dumper( ${main​::X} ),"\n"; print $VAR1 = undef;

But if I comment `package ASD' string at beginning of script than all is ok.

Nevertheless, over Your reply I found reply to my question​: yes, it is possible to implement that.

Can You implement pkgroot operator with just one small functionality? Operator masks and other functionality let implement Safe module or any (Opmask, for example).

Thank You.

From qd1qupwe.hs2@20minutemail.com

On Mon Feb 02 19​:24​:44 2015, qd1qupwe.hs2@​20minutemail.com wrote​:

Can You implement pkgroot operator with just one small functionality?
Operator masks and other functionality let implement Safe module or
any (Opmask, for example).

Thank You.

May be next code snippet can be good start point. In next code expr `local *PKG​:: = *main​::SandBox​::' work like pkgroot operator but only for PKG​:: and all PKG​:: subpackages. But it seems there is no way to implement same strategy for all packages (incuding main​::). May be no need in new operator, just extend `local' operator?

our $conf = {x => 1};

{
  local *PKG​:: = *main​::SandBox​:: ;
  eval <<_END;
  package PKG;
  our \$conf = {b => 3};
  sub test{
  \$conf = {t => 3};
  print "123\n"
  }
_END
  $@​ &amp;&amp; die $@​;
}

main​::SandBox​::test();

print %$main​::SandBox​::conf,"\n";

From [Unknown Contact. See original ticket]

On Mon Feb 02 19​:24​:44 2015, qd1qupwe.hs2@​20minutemail.com wrote​:

Can You implement pkgroot operator with just one small functionality?
Operator masks and other functionality let implement Safe module or
any (Opmask, for example).

Thank You.

May be next code snippet can be good start point. In next code expr `local *PKG​:: = *main​::SandBox​::' work like pkgroot operator but only for PKG​:: and all PKG​:: subpackages. But it seems there is no way to implement same strategy for all packages (incuding main​::). May be no need in new operator, just extend `local' operator?

our $conf = {x => 1};

{
  local *PKG​:: = *main​::SandBox​:: ;
  eval <<_END;
  package PKG;
  our \$conf = {b => 3};
  sub test{
  \$conf = {t => 3};
  print "123\n"
  }
_END
  $@​ &amp;&amp; die $@​;
}

main​::SandBox​::test();

print %$main​::SandBox​::conf,"\n";

From qd1qupwe.hs2@20minutemail.com

On Mon Feb 02 23​:27​:28 2015, qd1qupwe.hs2@​20minutemail.com wrote​:

May be no need in new operator, just extend `local' operator?

Hello. I'm sorry for noise, but I must public my end offering.
Task​: extend local operator.
If You ready to complete this task, but have any kind of troubles, you can public account name at bitcointalk forum, cryptocat service or jabber account. I'll contact with you and we will can agree "terms of a contract". Privacy is guaranteed.

---> But note that I prefer bitcoin to make reward for your work.

I hope someone can help perl to be a bit better.

From [Unknown Contact. See original ticket]

On Mon Feb 02 23​:27​:28 2015, qd1qupwe.hs2@​20minutemail.com wrote​:

May be no need in new operator, just extend `local' operator?

Hello. I'm sorry for noise, but I must public my end offering.
Task​: extend local operator.
If You ready to complete this task, but have any kind of troubles, you can public account name at bitcointalk forum, cryptocat service or jabber account. I'll contact with you and we will can agree "terms of a contract". Privacy is guaranteed.

---> But note that I prefer bitcoin to make reward for your work.

I hope someone can help perl to be a bit better.

From @davidnicol

On Wed, Feb 4, 2015 at 10​:28 AM, John Doe via RT <perlbug-comment@​perl.org>
wrote​:

On Mon Feb 02 23​:27​:28 2015, qd1qupwe.hs2@​20minutemail.com wrote​:

May be no need in new operator, just extend `local' operator?

Hello. I'm sorry for noise, but I must public my end offering.
Task​: extend local operator.

Have you looked at the "forks" module? It may suit your purposes to fork a
separate process for the sandbox, and the "forks" module provides a way to
do that using the "threads" interface for data
sharing and returning values from the child.

From qd1qupwe.hs2@20minutemail.com

On Wed Feb 04 09​:51​:09 2015, davidnicol@​gmail.com wrote​:

Have you looked at the "forks" module? It may suit your purposes to fork a
separate process for the sandbox, and the "forks" module provides a way to
do that using the "threads" interface for data
sharing and returning values from the child.

Hello.
There is 2 reasons​:
1) --> First and main - I want to make perl a bit better. As I mentioned earlier expression `local *PKG​:: = *main​::SandBox​::` is very usable to create isolation for PKG​:: and all subpackages and I think it will be better If we impove local operator (It seems now it is not possible to make isolation for *main​:: and all packages)
2) --> I can't use separate process
Thank You.