Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re^3: The importance of avoiding the shell

by parv (Parson)
on Sep 27, 2014 at 12:04 UTC ( [id://1102215]=note: print w/replies, xml ) Need Help??


in reply to Re^2: The importance of avoiding the shell
in thread The importance of avoiding the shell

I was trying to create an example for FreeBSD 8-STABLE, and found that one cannot rely on (from system) ...

... If there is only one scalar argument, the argument is checked for shell metacharacters, and if there are any, the entire argument is passed to the system's command shell for parsing (this is "/bin/sh -c" on Unix platforms, but varies on other platforms). If there are no shell metacharacters in the argument, it is split into words and passed directly to "execvp", which is more efficient. ...

... as I could not find any trace of a shell for system q[date 2>&1] & ktrace via ...

ktrace -di perl -e 'print system q[date 2>&1]' \ && kdump -d | fgrep /bin/sh

... had to use ...

ktrace -di perl -e 'print system q[date 2>&1 </dev/null]'

... to invoke the shell (/bin/sh). Apparently 2>&1 does not qualify as shell metacharacters (here).

(An actual example has yet to be produced.) date 2

Replies are listed 'Best First'.
Re^4: The importance of avoiding the shell
by Corion (Patriarch) on Sep 27, 2014 at 12:09 UTC

    Perl has special logic to recognize 2>&1 to make this idea work on Windows. The Windows default shell (cmd.exe) does not understand 2>&1, but (too) many programmers use this idiom.

      The Windows default shell (cmd.exe) does not understand 2>&1

      Say what?


      With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
      Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
      "Science is about questioning the status quo. Questioning authority".
      In the absence of evidence, opinion is indistinguishable from prejudice.

        At least on my machine, it doesn't:

        C:\Users\Corion>perl -le "warn 'foo';print 'bar'" foo at -e line 1. bar C:\Users\Corion>perl -le "warn 'foo';print 'bar'" >tmp.txt foo at -e line 1. C:\Users\Corion>perl -le "warn 'foo';print 'bar'" 2>&1 >tmp.txt foo at -e line 1. C:\Users\Corion>ver Microsoft Windows [Version 6.1.7601] C:\Users\Corion>

        Update: And I think I've been using the shell direction wrong, because it understands it if I redirect the filehandles in a different order:

        C:\Users\Corion>perl -le "warn 'foo';print 'bar'" >tmp.txt 2>&1 C:\Users\Corion>type tmp.txt foo at -e line 1. bar

        I always think "First, redirect filehandle 2 to filehandle 1, then redirect the output to filehandle 1 to a file.". But that this is wrong and I need to do it the other way around.

      Thanks much Corion; that helps in my understanding.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1102215]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having a coffee break in the Monastery: (6)
As of 2024-03-28 10:21 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found