doc icon indicating copy to clipboard operation
doc copied to clipboard
verified publisher icon Raku

`use MONKEY-SEE-NO-EVAL` is not a security feature.

Open gfldex opened this issue 2 years ago • 1 comments

Nor can it be made one. See discussion: https://irclogs.raku.org/raku-dev/2023-05-17.html#12:54

We better make that clear in /language/pragmas#MONKEY-SEE-NO-EVAL and /type/independent-routines#routine_EVAL . Especially the latter gives the impression that the absense of use MONKEY*; makes code safer.

gfldex avatar May 17 '23 13:05 gfldex

Well, to be able to use nqp, you would either have to do use nqp or use MONKEY-GUTS. Either of those should be a flag, just like use MONKEY-SEE-NO-EVAL.

Or am I missing something?

lizmat avatar May 17 '23 13:05 lizmat