For many years PostgreSQL has included a hardened version of Perl (Pl/Perl). I have no idea how it works, but it may be worth looking at as a starting point for securing the interpreter.
![[User Picture]](http://l-userpic.livejournal.com/72003885/213436) | From:  loic
2008-07-23 05:34 am (UTC)
| (Link)
|
While I actively dislike perl this seems like a really fun project.
Does your hardened perl interpreter need to provide a way for the hosting environment to limit the time a script can execute for, or provide a way to kill running scripts? Or can that just be done with unix process control syscalls (kill, wait, etc).
![[User Picture]](http://l-userpic.livejournal.com/54541970/2) | From: brad
2008-07-23 07:30 am (UTC)
| (Link)
|
App Engine already provides that sort of stuff, but we'll probably provide some really basic implementation of it in our dev appserver, if it's easy.
From: (Anonymous)
2008-07-24 12:58 am (UTC)
Actively disliking | (Link)
|
When you say you actively dislike Perl, do you mean you actually sat around a lot, never programming in Perl, but bashing it on the intertubes?
And I, for one, hoped for Ruby.
| From: brad
2008-07-23 07:29 am (UTC)
| (Link)
|
They're not mutually exclusive.
Or you hoped that I would work on Ruby? That'd be a bad wish, because I don't know Ruby internals.
From: (Anonymous)
2008-07-23 12:00 pm (UTC)
| (Link)
|
Nono i think he meant Ruby powered Apps, like perl now. (on the wishlist)
Not you working on them! :)
It is clear that python is the winner for google.
For me, however, I have been writing since 5 years in Ruby and it is my favourite. My level of C knowledge though is very limited (which is why I tell EEEEEEVERY programmer to master C first. Ruby goes so easy on your brain, but C is significantly harder than Ruby. It requires more discipline to make things work)
Well, between rewriting my existing (Asp.Net) app to Ruby, Python and Perl I personally would first choose Ruby, then Python, but not Perl. Of course this is my personal unscientific-not-clearly-motivated choice.
With current state of things I'm going to rewrite it to Python.
It's exciting to see such announcement for Perl, since it shows that there is hope for other languages. :)
The Safe.pm module is rarely mentioned at all, but it should do most of what you need already.
But probably a more drastic (aka, delete offending parts) approach is preferred here.
| From: brad
2008-07-23 07:28 am (UTC)
Re: Safe.pm | (Link)
|
Safe.pm isn't actually all that safe, from what I hear. Historically at least it hasn't.
The more drastic approach (removing the implementation of all the bad opcodes from libperl itself) is what we'll do for a real implementation. The Sys::Protect module that Artur and I released tonight could be done with Safe.pm, but we have more ambitions with it than Safe.pm does, but in the end Sys::Protect is just for testing on developers' local machines anyway, so Safe.pm could've worked there, were it not for other sandbox restrictions we need to do in the XS code.
ohh. i think that google more like python than perl or php.
or maybe i'm not right?
| From: brad
2008-07-23 07:52 am (UTC)
| (Link)
|
You're right. Google's big languages are C++, Java, Python, and JavaScript.
That's very cool.
Another approach might be to offer a hardened JVM or CLR runtime. That way, you can just drop compiled code from whatever language onto the appengine and make it go. All the hardening of the libraries and VM would only have to be done once.
Or a hardened Parrot runtime! ;-)
You're correct, but it doesn't get us Perl :) Once Parrot is ready, that will open up a whole host of new approaches, but we're not quite there yet.
Not quite there yet?
Are we lost in the Potemkin villages?
From: (Anonymous)
2008-07-23 10:16 am (UTC)
dia clouds | (Link)
|
I see you're using those "funky" dia clouds :)
I created the following in inkscape, which dia
can open, and can then be copied and pasted as required:
http://www.pixelbeat.org/docs/web/comments/priv/cloud.svg
From: (Anonymous)
2008-07-23 11:09 am (UTC)
Very nice! | (Link)
|
Of cause I like the idea of a hardened VM too. How about parrot? That would give Perl 6 a real kick start.
From: (Anonymous)
2008-07-23 11:36 am (UTC)
CPAN? | (Link)
|
"Only vetted, security-audited XS modules will be allowed."
Does this mean all XS modules need to be vetted - or all modules must be both XS and vetted?
I'm worried if it's the second; what would be the point of perl without CPAN?
| From: brad
2008-07-23 04:34 pm (UTC)
Re: CPAN? | (Link)
|
Any pure-Perl would be allowed. So most of CPAN is still available... just not XS code on CPAN.
Are there any Tcl enthusiasts at Google who would want to add Tcl support to the App Engine list? Tcl already has a "safe interp" functionality implemented - it would be a piece of cake to add Tcl support to App Engine.
Sigh. The greatest scripting language gets left by the wayside, again.
I'm very happy to hear about this. Thanks for giving it a shot!
I am so happy to hear this. I love Perl and I can't stand Python. The language itself is a joke. What kind of programming langauge relies on tabbing. I can't believe you took it seriously.
From: (Anonymous)
2008-07-23 06:57 pm (UTC)
Re: THANK YOU!!!! | (Link)
|
Taking it seriously generally involves paying attention to things a little more significant than white space. Apparently you can't look past that minor detail.
FWIW I dislike Python and generally use Perl, but claiming that you can't stand it and that it is a joke and then not citing anything significant is just trolling.
I resisted Python for a long time for that very reason (whitespace). Truth be told, once you spend some time in the language, and get your vim settings right, it's not that big a deal. Python is far from being "a joke".
BTW, don't use tabs for formatting in Perl or Python--it makes baby Buddha cry.
![[User Picture]](http://l-userpic.livejournal.com/4721253/164057) | From: xb95
2008-07-23 06:12 pm (UTC)
| (Link)
|
This could be rad.
Just recently I was thinking that the reason for many of my app ideas not developed is that I only feel in the right mood in my favorite Perl and that I don't want to care for infrastructure anymore - too tired of it at work. Google Apps was part of the answer and I even considered to start torturing myself into Python on a daily basis so I don't get that tired of it, but it didn't work for about 5-6 times so Perl support might do that for me ;) I wonder how much of LWP you're planning to bring over - will it be possible to have granular HTTP support of modules like http://search.cpan.org/~sergeyche/LWP-ConnCache-Resolving/ (I wrote it to make single connection to LiveJournal servers when fetching FOAF files so there is only one connection to Perlbal).
![[User Picture]](http://l-userpic.livejournal.com/63775490/1116764) | From: markemer
2008-07-25 05:51 pm (UTC)
I agree wholeheartedly | (Link)
|
When ever I get a yen to do something cool, I always seem to do it in Perl. I just can't get in the right mood using python. I have tried quite a few times to get into it, but I just can't. I for one am willing to help as much as I can manage to find time.
| From: brad
2008-07-27 12:55 am (UTC)
| (Link)
|
LWP's so common that I imagine I'll provide a fake module which quacks like a duck, so must be LWP. (but actually does the URLFetch service transparently)
From: atl
2008-07-25 10:46 am (UTC)
| (Link)
|
Although this writeup has a lot of negative commentary, the hardened Perl interpreter does sound similar to what's going on at the BBC/Siemens. With Google's clout, sounds like an interesting place to reach out for expertise. | 
