Re: plperl Safe restrictions

Jon Jensen wrote:

>On Thu, 14 Oct 2004, Andrew Dunstan wrote:
>
>  
>
>>It has just been brought to my attention that we are being very 
>>restrictive about what we allow to be done in trusted plperl. Basically 
>>we allow the :default and :base_math set of operations (run perldoc 
>>Opcode or see http://www.perldoc.com/perl5.8.0/lib/Opcode.html for 
>>details of what these mean). In particular, we do not allow calls to 
>>perl's builtin sort, which is unpleasant, and on reviewing the list it 
>>seems to me we could quite reasonably allow access to pack and unpack 
>>also. bless and sprintf are also likely candidates for inclusion - I 
>>have not finished reviewing the list, and would welcome advice from perl 
>>gurus on this.
>>
>>On the other side, I think we should exclude the :base_io set which is 
>>part of the :default set (we don't want trusted plperl writing to 
>>stdout, for example - all IO should be forbidden).
>>    
>>
>
>That makes sense. Allowing "rand" would be nice too.
>
>
>  
>

You can now - it's part of :base_math. What we should do, however, is 
disallow is calling srand, since pg goes to quite a bit of trouble to 
seed the PRNG.

cheers

andrew