[25282] in Perl-Users-Digest
Perl-Users Digest, Issue: 7527 Volume: 10
daemon@ATHENA.MIT.EDU (Perl-Users Digest)
Thu Dec 16 21:05:41 2004
Date: Thu, 16 Dec 2004 18:05:05 -0800 (PST)
From: Perl-Users Digest <Perl-Users-Request@ruby.OCE.ORST.EDU>
To: Perl-Users@ruby.OCE.ORST.EDU (Perl-Users Digest)
Perl-Users Digest Thu, 16 Dec 2004 Volume: 10 Number: 7527
Today's topics:
Re: [Q] $ARGV, <>, and command-line Perl <please_post@nomail.edu>
Re: [Q] $ARGV, <>, and command-line Perl <nobull@mail.com>
Re: [Slightly OT] Perl interpreter (win32) single "thre <nobull@mail.com>
Re: [Slightly OT] Perl interpreter (win32) single "thre <not@home.net>
Re: [Slightly OT] Perl interpreter (win32) single "thre <nobull@mail.com>
Re: [Slightly OT] Perl interpreter (win32) single "thre <not@home.net>
Re: [Slightly OT] Perl interpreter (win32) single "thre <not@home.net>
Re: [Slightly OT] Perl interpreter (win32) single "thre <nobull@mail.com>
Re: EOF and reading /proc <No_4@dsl.pipex.com>
Re: EOF and reading /proc <Mark.Seger@hp.com>
Re: EOF and reading /proc <No_4@dsl.pipex.com>
HTML Parser <groups@gevorgian.com>
Re: Is there a field-data abstraction layer for DBI/MyS xhoster@gmail.com
Regex help - need flexibility to parse with or without tudmuf2b@onebox.com
Re: Regex help - need flexibility to parse with or with <noreply@gunnar.cc>
Re: replace multiple lines in a file with Perl <tadmc@augustmail.com>
Re: replace multiple lines in a file with Perl <tadmc@augustmail.com>
Re: Restricted Subsets of Perl <andy.glew@intel.com>
Re: stand alone executable using pp doesn't stand alone <tadmc@augustmail.com>
Digest Administrivia (Last modified: 6 Apr 01) (Perl-Users-Digest Admin)
----------------------------------------------------------------------
Date: Thu, 16 Dec 2004 21:33:54 +0000 (UTC)
From: bill <please_post@nomail.edu>
Subject: Re: [Q] $ARGV, <>, and command-line Perl
Message-Id: <cpsv02$8sp$1@reader1.panix.com>
In <cpskfc$m4q$1@sun3.bham.ac.uk> Brian McCauley <nobull@mail.com> writes:
>J Krugman wrote:
>> Is it possible to write a simple one-liner
>> that cycles through all the lines of *each* of the files in named
>> in @ARGV and prints the name of the file if at least one of its
>> lines meets a condition?
>perl -ne 'print "$ARGV\n" if /whatever/ && !$seen{$ARGV}++'
Interesting topic.
I have two follow up questions regarding this:
1. Is there a simple modification of this one-liner that would short
circuit the unnecessary reading of lines when $seen{$ARGV} evaluates
to true?
I tried
perl -ne 'if (/whatever/) { print "$ARGV\n"; last }'
which seems to work, but I really don't know what I'm doing.
2. A related issue is the resetting of $. . Suppose that I wanted
to check for /whatever/ only within the first 10 lines of every
file. This is perhaps getting to be too difficult for a "one-liner",
but I tried
perl -ne '$seen{$ARGV}++ if /whatever/; if ($seen{$ARGV} || eof || $. >= 10) { print "$ARGV\n" if $seen{$ARGV}; close ARGV }'
which almost works, but I get a slew of weird "Can't open ./xyz:
no such file or directory." errors at the end. I haven't been able
to figure out the reason for these. (Actually, I got those with
Brian's version too.)
bill
------------------------------
Date: Thu, 16 Dec 2004 22:24:09 +0000
From: Brian McCauley <nobull@mail.com>
Subject: Re: [Q] $ARGV, <>, and command-line Perl
Message-Id: <cpt1lf$s74$1@sun3.bham.ac.uk>
bill wrote:
> In <cpskfc$m4q$1@sun3.bham.ac.uk> Brian McCauley <nobull@mail.com> writes:
>
>
>>J Krugman wrote:
>>
>>> Is it possible to write a simple one-liner
>>>that cycles through all the lines of *each* of the files in named
>>>in @ARGV and prints the name of the file if at least one of its
>>>lines meets a condition?
>
>
>>perl -ne 'print "$ARGV\n" if /whatever/ && !$seen{$ARGV}++'
>
>
>
> Interesting topic.
>
> I have two follow up questions regarding this:
>
> 1. Is there a simple modification of this one-liner that would short
> circuit the unnecessary reading of lines when $seen{$ARGV} evaluates
> to true?
But.... this is one-liner Perl! It's very unlikely that any such
optomization could replay the time to make the keystrokes much less the
time to think about it.
My understanding is that close(ARGV) will advance <> to the next file.
If you were going to write a real script then sure it would be worth the
candle.
> I tried
>
> perl -ne 'if (/whatever/) { print "$ARGV\n"; last }'
>
> which seems to work, but I really don't know what I'm doing.
I would expect that to print only the first matching file.
> 2. A related issue is the resetting of $. . Suppose that I wanted
> to check for /whatever/ only within the first 10 lines of every
> file. This is perhaps getting to be too difficult for a "one-liner",
> but I tried
>
> perl -ne '$seen{$ARGV}++ if /whatever/; if ($seen{$ARGV} || eof || $. >= 10) { print "$ARGV\n" if $seen{$ARGV}; close ARGV }'
>
> which almost works, but I get a slew of weird "Can't open ./xyz:
> no such file or directory." errors at the end. I haven't been able
> to figure out the reason for these. (Actually, I got those with
> Brian's version too.)
Seems likely that there are files with shell metacharacters or spaces in
their names.
------------------------------
Date: Thu, 16 Dec 2004 19:10:25 +0000
From: Brian McCauley <nobull@mail.com>
Subject: Re: [Slightly OT] Perl interpreter (win32) single "threaded"?
Message-Id: <cpsm9a$mve$1@sun3.bham.ac.uk>
JayEs wrote:
>>The code we're looking for is the code that exhibits the problem that
>>makes you think it might be single-threaded. I, and possibly others,
>>have a sneaking suspicion that the problem is in your code, or
>>possibly in Windows, not in Perl. But until we see your code, we
>>don't know if your question is even relevant to your real problem.
>
>
> My suspicion is no longer sneaking, it is throdding down the hill in a 4X4
> with monster tires. And we of course disagree. I do not know how Perl
> handles http requests
Perl does not handle http requests.
Perhaps you really have a question not about Perl but about something
that does handle http requests.
> (as that is what my code -- for the moment anyway --
> is all about) but unless the problem is with Mech or IE::Mech, it has to be
> this particular windows distribution (ActiveState 5.8)
What are Mech and IE::Mech? Are they perhaps things that have something
to do with http? Are thay in some way related to WWW::Mechanize and
Win32::IE::Mechanize?
Knowing what little I know about Windows, IE and using OLE to control
interactive Win32 apps it seems unlikley that you could have multiple
instances of Win32::IE::Mechanize working at once since both would be
trying to take control of your IE process (and AFAIK you only have one
of those at a time).
Anyhow, like I say I'm no expert - but it seems more likely this is a
question about IE and the OLE InternetExplorer object than it is about Perl.
>>This is also known as an X-Y problem. You're asking for X-- whether
>>or not Perl is single-threaded, but you really want Y-- the ability to
>>modify one file from multiple programs at once. If we see the code
>>you're using, we may be able to make suggestions as to how to
>>accomplish your goals another way, but we can't do that without code.
>
>
> Not really, you are correct in assuming that X = "Is Perl (on Win32) Single
> threaded", but Y != "ability to modify one file from multiple programs".
> There is a Y (there always is) but it's not releveant to X in that for now X
> is a showstopper.
You could trivially test if multiple Perl processes could run at once by
trying it.
> Nothing really peculiar about it. The code is navigates to a URL, fills in
> some fields, clicks on a button and saves the output to a variable.
I've been using Perl professsionally for may years and I've only wery
rarely used it to build robotic web clients, never for this purpose on
windows certainly never by taking remote control of IE.
However by a strange co-incidence this is what I will be doing this next
week.
------------------------------
Date: Thu, 16 Dec 2004 19:24:43 GMT
From: "JayEs" <not@home.net>
Subject: Re: [Slightly OT] Perl interpreter (win32) single "threaded"?
Message-Id: <%hlwd.375$wi2.52@newssvr11.news.prodigy.com>
>> #Build the URL
>> my $propertyID; #= $ARGV[0];
>> foreach (@ARGV) {
>> $propertyID = "$_\n";
>
> I don't have time to test the retst of your script right now, but what do
> you think this does?
Declare a scalar named $propertyID, go thru' the command line args and drop
whatever is in that array in $propertyID, obliterating what was there
before... On the next line of code you will see that the closing } is
commented out. This means that the foreach doesn't properly loop and only
gets executed once. Which works in this case because the script requires
only one argument to be passed. I guess I could just as well have used:
my $propertyID = $ARGV[x];
But this being a test script and all I was more concerned with making it
work then making it pretty. I ran it plenty times to know that it does what
it needs to do. That is to say, on the boxes I tested it on.... :-)
TNX
JS
------------------------------
Date: Thu, 16 Dec 2004 19:42:59 +0000
From: Brian McCauley <nobull@mail.com>
Subject: Re: [Slightly OT] Perl interpreter (win32) single "threaded"?
Message-Id: <cpso78$nq0$1@sun3.bham.ac.uk>
JayEs wrote:
>>On the other hand, if your test produces the same results when run on a
>>public server, you've done two things: You've eliminated server issues
>>from consideration as a possible cause, and at the same time produced a
>>simple test script that others can use to help you diagnose the problem.
>
> I tried that. Of course the script runs fine on the pub server, but sits
> around and doesn't when started multiple times.... Anywho, here is the
> "public script" I hacked together for the test.
>
[ snip ]
I tried running that and I got:
Missing right curly or square bracket at [...] EOF
I uncommented the mysteriously commented-out right curly bracket and I
found it needs a later version of WWW::Mechanize than is found on the
Activestate PPM server. What version are you using?
------------------------------
Date: Thu, 16 Dec 2004 20:20:09 GMT
From: "JayEs" <not@home.net>
Subject: Re: [Slightly OT] Perl interpreter (win32) single "threaded"?
Message-Id: <Z5mwd.388$wi2.43@newssvr11.news.prodigy.com>
> I uncommented the mysteriously commented-out right curly bracket and I
> found it needs a later version of WWW::Mechanize than is found on the
> Activestate PPM server. What version are you using?
The ActiveState PPM server is severely out of date when it comes to the
Mech. I am using the latest version from CPAN which is 1.6 last time I
checked (which was about a week ago).
------------------------------
Date: Thu, 16 Dec 2004 20:29:50 GMT
From: "JayEs" <not@home.net>
Subject: Re: [Slightly OT] Perl interpreter (win32) single "threaded"?
Message-Id: <2fmwd.389$wi2.108@newssvr11.news.prodigy.com>
<SNIP>
>
> What are Mech and IE::Mech? Are they perhaps things that have something
> to do with http? Are thay in some way related to WWW::Mechanize and
> Win32::IE::Mechanize?
One and the same
> Knowing what little I know about Windows, IE and using OLE to control
> interactive Win32 apps it seems unlikley that you could have multiple
> instances of Win32::IE::Mechanize working at once since both would be
> trying to take control of your IE process (and AFAIK you only have one of
> those at a time).
I am not sure. We do visual scraping with the WebBrowser control (which is
an ActiveX version of IE) in VB all the time and it's perfectly possible to
have multiple open that perform simultaneously. Of course I do not know how
Win32::IE::Mechanize hooks into IE, but I see the same behavior when using
the Mech (which does NOT hook into a browser)
> Anyhow, like I say I'm no expert - but it seems more likely this is a
> question about IE and the OLE InternetExplorer object than it is about
> Perl.
Not really, we only use IE::Mech if WWW::Mech fails, which is not often and
as stated before the same thing occurs.
> You could trivially test if multiple Perl processes could run at once by
> trying it.
Already did that, that is what caused my OP.
> I've been using Perl professsionally for may years and I've only wery
> rarely used it to build robotic web clients, never for this purpose on
> windows certainly never by taking remote control of IE.
>
> However by a strange co-incidence this is what I will be doing this next
> week.
Hey you are my "photo-negative" <g> We have been doing robot web clients
that use IE in some form or fashion for a long time, but Perl is new :-)
Maybe we can take this offline and swap some horror-stories.
------------------------------
Date: Thu, 16 Dec 2004 22:04:04 +0000
From: Brian McCauley <nobull@mail.com>
Subject: Re: [Slightly OT] Perl interpreter (win32) single "threaded"?
Message-Id: <cpt0fq$rlc$1@sun3.bham.ac.uk>
JayEs wrote:
>>I uncommented the mysteriously commented-out right curly bracket and I
>>found it needs a later version of WWW::Mechanize than is found on the
>>Activestate PPM server. What version are you using?
>
>
> The ActiveState PPM server is severely out of date when it comes to the
> Mech. I am using the latest version from CPAN which is 1.6 last time I
> checked (which was about a week ago).
>
Well I have at last manged to run your script on a WinXP box and with
one copy in does look subjectively jerky. Most of the time the time
waiting on external resources - nowhere near maxing-out the CPU.
If I run another copy of the process it behaves the same then way. The
the effect is subjectively what you describe in the OP of this thread.
But of course there's no reason to conclude they are waiting on each
other, it's just that most of the time they are waiting on external
resources.
Appart from subjective observations do you have anything to support the
hypothesis that the Perl processes are waiting on each other?
------------------------------
Date: Thu, 16 Dec 2004 19:41:49 +0000
From: Big and Blue <No_4@dsl.pipex.com>
Subject: Re: EOF and reading /proc
Message-Id: <41c1e4f5$0$16583$cc9e4d1f@news-text.dial.pipex.com>
Mark Seger wrote:
>
> In any event, this should (and does) read a single line and then fall
> through the loop. However, if I run this for a long time, it
> occasionaly reads a second record which is not right! the contents of
> that partial line look like the end of 'stat':
>
> Opened /proc/8887/stat
> 8887 (sshd) R 1761 1761 1761 0 -1 64 153 54 231 43 19 62 0 0 15 0 0 0
> 484375023 6979584 449 4294967295 134512640 134784984 3221221808
> 3221202756 4294959106 0 0 4096 73728 0 0 0 17 0 0 0 19 62 0 0
> 9 62 0 0
You haven't said which OS, but it doesn't matter (looks like Linux?).
I suspect the problem goes like this:
a) you read the line (so your file-handle is now at position x == eol)
b) The process stats change. The line length is now longer.
c) You read from the same file handle, starting at position x. Because
of b there are now data beyond this point, so you get them.
The solution is trivial.
You know the file will only contain one line, so only read one line.
Don't use a generic loop unless you can control it to do what you actually
need. You *don't* want to read <n> lines until EOF - you want to read 1
line then close the file.
--
-*- Just because I've written it here doesn't -*-
-*- mean that you should, or I do, believe it. -*-
------------------------------
Date: Thu, 16 Dec 2004 17:37:58 -0500
From: Mark Seger <Mark.Seger@hp.com>
Subject: Re: EOF and reading /proc
Message-Id: <41c21142$1@usenet01.boi.hp.com>
yes, it's linux. your explanation sounds reasonable...
actually I had thought of just reading one line too, but wanted to
understand why this was happening rather than just changing some code -
something that happens all too often and ends up biting one if one isn't
careful.
I guess part of my problem is I don't know the semantics of how /proc
works since these aren't really files. Are you saying it's possible for
things to change in the middle of reading them? Wouldn't this make all
system utilities that read /proc subject to errors? I have looked at a
random set of utilities, like iostat and sar and they all seem to just
read /proc and not worry about corrupted data.
-mark
Big and Blue wrote:
> Mark Seger wrote:
> >
>
>> In any event, this should (and does) read a single line and then fall
>> through the loop. However, if I run this for a long time, it
>> occasionaly reads a second record which is not right! the contents of
>> that partial line look like the end of 'stat':
>>
>> Opened /proc/8887/stat
>> 8887 (sshd) R 1761 1761 1761 0 -1 64 153 54 231 43 19 62 0 0 15 0 0 0
>> 484375023 6979584 449 4294967295 134512640 134784984 3221221808
>> 3221202756 4294959106 0 0 4096 73728 0 0 0 17 0 0 0 19 62 0 0
>> 9 62 0 0
>
>
> You haven't said which OS, but it doesn't matter (looks like Linux?).
>
> I suspect the problem goes like this:
>
> a) you read the line (so your file-handle is now at position x == eol)
>
> b) The process stats change. The line length is now longer.
>
> c) You read from the same file handle, starting at position x. Because
> of b there are now data beyond this point, so you get them.
>
> The solution is trivial.
>
> You know the file will only contain one line, so only read one line.
> Don't use a generic loop unless you can control it to do what you
> actually need. You *don't* want to read <n> lines until EOF - you want
> to read 1 line then close the file.
>
>
------------------------------
Date: Fri, 17 Dec 2004 00:57:40 +0000
From: Big and Blue <No_4@dsl.pipex.com>
Subject: Re: EOF and reading /proc
Message-Id: <41c22efb$0$19158$cc9e4d1f@news-text.dial.pipex.com>
Mark Seger wrote:
>
> I guess part of my problem is I don't know the semantics of how /proc
> works since these aren't really files.
Define "file".
> Are you saying it's possible for
> things to change in the middle of reading them?
It is possible for the contents of *any* (unlocked) file to change
while your read it.
> Wouldn't this make all
> system utilities that read /proc subject to errors?
It depends on the format of the file. The stat file is 1 line, so if
you read 1 line you won't have a problem. Your problem is that having read
one line you look to see whether there is any more. In that gap between
the two reads the file contents may change.
> I have looked at a
> random set of utilities, like iostat and sar and they all seem to just
> read /proc and not worry about corrupted data.
If they read it all in one go (perhaps indirectly) then parse it they
won't have a problem. Or the file may have a fixed format anyway.
--
-*- Just because I've written it here doesn't -*-
-*- mean that you should, or I do, believe it. -*-
------------------------------
Date: 16 Dec 2004 16:50:37 -0800
From: "Asoup" <groups@gevorgian.com>
Subject: HTML Parser
Message-Id: <1103244637.209361.238980@c13g2000cwb.googlegroups.com>
Hullo,
I am working on a perl script that will catch data from a HTML file.
Thus I am using HTML::FormatText module in order to work with the data.
My question is the following; Is there a way in HTML::FormatText that
will allow me to catch a text that is located in, let's say <p
class=news_title> (this is the text I need) </p> ?
If you know of any other tricks please let me know :) thanks!
------------------------------
Date: 16 Dec 2004 22:19:23 GMT
From: xhoster@gmail.com
Subject: Re: Is there a field-data abstraction layer for DBI/MySQL?
Message-Id: <20041216171923.272$9S@newsreader.com>
Ole.Johansson@kilo.sunet.se (Ole) wrote:
> Hi there!
>
> I'm currently looking for a kind of "field-data abstraction layer for
> DBI/MySQL". It should solve the issues of table layout and data
> access.
> Now I try to find out if there is a module availalble of if I need to
> breed my own.
>
> some pseudo code to illustrate what I mean:
>
> at the moment I need to do this
>
> - do some SQL query
> - @row = handle->fetchrow_array
> - access data-field by $data-in-field = $row[4]
>
> here I need to know what the table layout is.
Of course you don't need to know the table layout. You only need to know
what the layout of your SQL statement is, which is just two lines up.
Unless, of course, your SQL was "select * from....".
So don't do that.
> And I can't hardly change the table layout after I introduced a
> specific layout into my code
Nonsense.
>
> I should be like this:
> access sql and fetch data-field in one step:
> -$data-in-field = $table-$row{id}-$field{name}
What is with all the minus signs? This a Perl group, so
make your psuedocode at least somewhat Perlish.
Xho
--
-------------------- http://NewsReader.Com/ --------------------
Usenet Newsgroup Service $9.95/Month 30GB
------------------------------
Date: 16 Dec 2004 12:59:33 -0800
From: tudmuf2b@onebox.com
Subject: Regex help - need flexibility to parse with or without blanks in output....
Message-Id: <1103230773.649120.82730@f14g2000cwb.googlegroups.com>
Perl Gurus:
I'm trying to write a script that runs the rup command, and then takes
the output of it to do something.
Here are 2 possible outputs that rup could give you (if a box has been
up for less than a day, there is no "xx days" field):
bastion1 up 18:01, load average: 0.17 0.15 0.06
bastion2 up 30 days, 22:34, load average: 0.00 0.00 0.02
My script works for the 2nd case (the "bastion2" host) - even if "days"
is singular. But how do I make my regex more flexible so that it can
say:
1. if the box has been up for less than a day, then just skip to the
time field and grab it, so that $days=0, $time=18:01 (from the example
above).
2. if the box has been up for X days, then I want to grab the number of
days so that $days=30, and also grab the time, so that $time=22:34
(above).
Somehow I need to say something like
/.*up\s+(\d+\s+days?,|.*\d{1,2}:\d+),/
but I want to grab $days no matter what:
#!/usr/bin/perl
use strict;
use warnings;
use Sys::Hostname;
use Time::ParseDate;
my ($seconds,$days,$time);
my $host = hostname;
my $rup = `rup $host`;
chomp ($rup);
($days,$time) = $rup =~
m#\S+\s+up\s+(\d+)\s+days?,\s+(\d{1,2}:\d{2}),#;
print "days is $days\n";
print "time is $time\n";
----------------------
Thanks,
JD
------------------------------
Date: Thu, 16 Dec 2004 22:28:18 +0100
From: Gunnar Hjalmarsson <noreply@gunnar.cc>
Subject: Re: Regex help - need flexibility to parse with or without blanks in output....
Message-Id: <32ecsiF3iu6keU1@individual.net>
tudmuf2b@onebox.com wrote:
> Here are 2 possible outputs that rup could give you (if a box has been
> up for less than a day, there is no "xx days" field):
>
> bastion1 up 18:01, load average: 0.17 0.15 0.06
> bastion2 up 30 days, 22:34, load average: 0.00 0.00 0.02
>
> My script works for the 2nd case (the "bastion2" host) - even if "days"
> is singular. But how do I make my regex more flexible so that it can
> say:
>
> 1. if the box has been up for less than a day, then just skip to the
> time field and grab it, so that $days=0, $time=18:01 (from the example
> above).
>
> 2. if the box has been up for X days, then I want to grab the number of
> days so that $days=30, and also grab the time, so that $time=22:34
> (above).
<snip>
> ($days,$time) = $rup =~
> m#\S+\s+up\s+(\d+)\s+days?,\s+(\d{1,2}:\d{2}),#;
>
> print "days is $days\n";
One way:
($days,$time) = $rup =~
m#\S+\s+up\s+(?:(\d+)\s+days,\s+)?(\d{1,2}:\d{2}),#;
print "days is " . ($days or 0) . "\n";
--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl
------------------------------
Date: Thu, 16 Dec 2004 18:50:16 -0600
From: Tad McClellan <tadmc@augustmail.com>
Subject: Re: replace multiple lines in a file with Perl
Message-Id: <slrncs4ba8.4if.tadmc@magna.augustmail.com>
learner <tzhai2002@yahoo.com> wrote:
> Well, did you read my first post,
Yes I did, and this is the *last* post of yours that I will be reading.
Good luck!
--
Tad McClellan SGML consulting
tadmc@augustmail.com Perl programming
Fort Worth, Texas
------------------------------
Date: Thu, 16 Dec 2004 18:53:47 -0600
From: Tad McClellan <tadmc@augustmail.com>
Subject: Re: replace multiple lines in a file with Perl
Message-Id: <slrncs4bgr.4if.tadmc@magna.augustmail.com>
learner <tzhai2002@yahoo.com> wrote:
> Ok,
"OK" implies agreement, yet you are not agreeing to post a short
and complete program that we can run...
> Please do these steps to run the program I posted:
Send me a check *before* you start issuing instructions to me.
I'm busy.
> see if you can help me out in return.
^^^^^^^^^
In return for *what*?
You haven't done anything for me, you haven't even done what
I asked of you.
If you make it easy for people to answer your question you will
have a much better chance of getting an answer to your question.
If you don't, you won't.
--
Tad McClellan SGML consulting
tadmc@augustmail.com Perl programming
Fort Worth, Texas
------------------------------
Date: 16 Dec 2004 17:50:29 -0800
From: Andy Glew <andy.glew@intel.com>
Subject: Re: Restricted Subsets of Perl
Message-Id: <q5i8y7xbsm2.fsf@plxc0250.pdx.intel.com>
Brian McCauley <nobull@mail.com> writes:
> But there is still a security hole because if the code within the safe
> compartment returns a value that is blessed into a package with a
> DESTROY then that destructor will be called with the true symbol table
> root accessible.
I must conclude that this is a bug in Safe. The destructor should be
compiled in such a manner that it is placed back into the Safe
compartment before being run.
And I think this points to the real problem with Safe. So far as I can
tell, Safe seems to affect the execution of the code, not the
compilation of the code. During execution inside the Safe, various
pseudo-opcodes are disabled, and the namespace is restricted. But
code compiled inside the Safe which is executed outside may not be
properly restricted.
Q: is it possible to identify all code compiled inside the safe?
Surely so.
Simply disabling the generation of certain opcodes by compilation is
not good enough. It's the namespace.
> No. It still gets destroyed outside the safe compartment. The same
> may apply to blessed $@.
>
> > Ignoring the return value wouldn't be terribly useful. Can you query
> > the contents of the Safe, without executing tied code or the like?
>
> Yes. You can wrap the user-supplied code with more code that is
> executed inside the safe compartment simply stringifies the result.
>
> For a look at how I've tried to work-round some of the more obvious
> problems with Safe, take a look at String::Interpolate.
Thanks.
> > Or is it a more general problem? the code inside the Safe can get
> > access to the outside world even without fooling the outside world to
> > execute tied code or the like? That would be just a bug in Safe.
>
> As I said, there are respected people who say there are such bugs in Safe.
Where are those discussed.... nah, I don't need to know. For my present
usage model , I'm not really that worried about security. I'm more
interested in fragility, reduction thereof.
------------------------------
Date: Thu, 16 Dec 2004 19:09:37 -0600
From: Tad McClellan <tadmc@augustmail.com>
Subject: Re: stand alone executable using pp doesn't stand alone
Message-Id: <slrncs4ceh.4if.tadmc@magna.augustmail.com>
Plotinus <mayes.s@ucles.org.uk> wrote:
> use Diagnostics;
> Now I removed the line "use diagnostics"
That line did not appear anywhere in your code, so where
did you remove it from?
--
Tad McClellan SGML consulting
tadmc@augustmail.com Perl programming
Fort Worth, Texas
------------------------------
Date: 6 Apr 2001 21:33:47 GMT (Last modified)
From: Perl-Users-Request@ruby.oce.orst.edu (Perl-Users-Digest Admin)
Subject: Digest Administrivia (Last modified: 6 Apr 01)
Message-Id: <null>
Administrivia:
#The Perl-Users Digest is a retransmission of the USENET newsgroup
#comp.lang.perl.misc. For subscription or unsubscription requests, send
#the single line:
#
# subscribe perl-users
#or:
# unsubscribe perl-users
#
#to almanac@ruby.oce.orst.edu.
NOTE: due to the current flood of worm email banging on ruby, the smtp
server on ruby has been shut off until further notice.
To submit articles to comp.lang.perl.announce, send your article to
clpa@perl.com.
#To request back copies (available for a week or so), send your request
#to almanac@ruby.oce.orst.edu with the command "send perl-users x.y",
#where x is the volume number and y is the issue number.
#For other requests pertaining to the digest, send mail to
#perl-users-request@ruby.oce.orst.edu. Do not waste your time or mine
#sending perl questions to the -request address, I don't have time to
#answer them even if I did know the answer.
------------------------------
End of Perl-Users Digest V10 Issue 7527
***************************************
