"JupiterHost" == JupiterHost Net <[EMAIL PROTECTED]> writes:
JupiterHost> Hello,
Is there any possible way that somebody writing a "plug-in" would be able to some how dump the code from the require'ing script? The people writing the plug-ins do not have access to any of the code, so im trying to make sure they can't access it in any other way.
JupiterHost> If I was trying to see the source I'd:
JupiterHost> open ZERO, $0 or die "Could not peek $!"; JupiterHost> print while(<ZERO>); JupiterHost> close ZERO
And more than that:
my %sources; local *ARGV; local $/; @ARGV = ($0, values %INC); while (<>) { $sources{$ARGV} = $_; }
There. The entire source code for the application is now in %sources. Every .pm, every require, and the top-level application.
Enjoy.
Out of curiousity (because I really don't know) couldn't you init the process as a user who has read privileges on the main source files, then drop the program to a different (read: lower) effective/real uid whom does not have read access to any of the source files? That should thwart both of the above suggestions. But then there is always deparsing and the B::* modules, which probably provide a way to get back to it, but that is beyond my knowledge.....
The OP might want to check out the 'Safe' module to see if it provides enough facilities to restrict the user from anything unwanted... presumably you could prevent use/require of the B space.
http://danconia.org
-- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
