Re: Re: Dynamic Variable Names?


We don't bite newbies here... much
	PerlMonks

Re: Re: Dynamic Variable Names?

by Anonymous Monk

on Jul 23, 2002 at 23:41 UTC ( [id://184648]=note: print w/replies, xml )

Need Help??

in reply to Re: Dynamic Variable Names?
in thread Dynamic Variable Names?

... but security is only an argument if you use data from the untrusted environment as variable names.

Really?

Whenever code does not behave as expected, there is a real possibility of an unexpected consequence that compromises security. Therefore any programming practice that leads to bugs is also a source of potential security flaws, even if it is not obvious how to get there.

Comment on Re: Re: Dynamic Variable Names?

Replies are listed 'Best First'.
Re: Dynamic Variable Names? by Abigail-II (Bishop) on Jul 24, 2002 at 08:37 UTC
The only coding practice that doesn't lead to bugs is to not code at all. eval()s are as dangerous as code written with vi - you can make the same mistakes. Abigail	[reply]
Re: Re: Dynamic Variable Names? by Anonymous Monk on Jul 25, 2002 at 00:36 UTC
You can make the same mistakes with any coding practice - agreed. Which leads to the question of how often you make them, and how quickly you catch them. I submit that liberal usage of eval for most people leads to more mistakes, and more difficulty in tracking them down and debugging them. (Particularly if you don't religiously check $@.) Given its power it is sometimes worth going there. But not when there are built-in constructs for doing the same thing you are trying to do.	[reply]

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://184648]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others scrutinizing the Monastery: (1)

chatterbot

As of 2024-04-25 04:27 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found