SafeUntrap — specify operation codes to untrap in Safe.pm compartments
The directive defines the opcodes that will be untrapped in the
Safe
compartments, for use in
embedded Perl and conditional operations.
Define it as blank to prevent any operators but the default restrictive ones.
For a complete discussion and the complete list of opcodes, see Opcode(3perl) manual page.
Example: Allowing -s function to determine file size
The following code fails to work with the default SafeUntrap setting.
[set upload_repository]upload/[/set] [calcn]-s $Scratch->{upload_repository};[/calcn]
Adding ftsize
to SafeUntrap solves this problem:
SafeUntrap ftsize
Example: Allowing a group of file-related operations
[set data_file]products/biglist.txt[/set] [calcn]-r $Scratch->{data_file};[/calcn]
Adding :filesys_read
to SafeUntrap solves this problem:
SafeUntrap :filesys_read
See the Opcode(3perl) manual page for more information and the complete list of operation codes and groups.
Interchange 5.9.0:
Source: lib/Vend/Config.pm
Line 3780 (context shows lines 3780-3800)
sub parse_array { my($item,$settings) = @_; return '' unless $settings; my(@setting) = grep /\S/, split /[\s,]+/, $settings; my $c; if(defined $C) { $c = $C->{$item} || []; } else { no strict 'refs'; $c = ${"Global::$item"} || []; } for (@setting) { check_legal($item, $_); push @{$c}, $_; } $c; }