PerlMonks  

Re: unlink Question

by Desdinova (Friar)
on Nov 11, 2003 at 17:35 UTC ( [id://306287]=note )


in reply to unlink Question

unlink can be as harmful as rm on Unix systems, or del on Windows systems, which is to say on a physical level, not very dangerous. As for wiping out a file system, with a little bit of looping, or some wildcards, sure it's possible.

Given the example you gave about what happens when the file is not there, it will simply return an error to the calling program. No damage done. Since you mentioned CGI, I would add two cautions.
  1. If the arguments passed to the unlink call are generated from user input, check that input very closely to make sure no one can pass in some data to destroy files you don't want to destroy.
  2. Run the webserver software as a low privilege user, and only grant that user access to files it needs.
By doing that you can limit the potential for logical damage; the second one is especially nice protection from coding / logic errors. For more about good security practices, a great resource is chapter 3 of the online course from our own Ovid.
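
An added example, not part of the post above, of the first caution: checking a user-supplied filename before it reaches `unlink`. The helper name `safe_unlink`, the allowlist pattern, and the scratch directory are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Spec;
use File::Temp qw(tempdir);

# Hypothetical helper: delete one file inside $base_dir, named by untrusted input.
# Returns (1, undef) on success or (0, reason) on refusal or failure.
sub safe_unlink {
    my ($base_dir, $name) = @_;

    # Allowlist a single path component: no slashes, no leading dot, no wildcards.
    # \A and \z (not ^ and $) so a trailing newline cannot slip through.
    # Using the captured $1 also untaints the value when running under -T.
    return (0, 'name rejected')
        unless defined $name && $name =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]{0,63})\z/;
    my $path = File::Spec->catfile($base_dir, $1);

    # lstat (not stat) so a symlink is examined itself rather than followed;
    # symlinks and directories are then refused as "not a regular file".
    lstat($path) or return (0, 'no such file');
    return (0, 'not a regular file') unless -f _;

    # unlink returns the number of files removed; $! holds the reason on failure.
    unlink($path) == 1 or return (0, "unlink failed: $!");
    return (1, undef);
}

# Constructed demo: a scratch directory standing in for the script's data directory.
my $dir = tempdir(CLEANUP => 1);
for my $f (qw(report.txt keep.txt)) {
    open my $fh, '>', File::Spec->catfile($dir, $f) or die "create $f: $!";
    close $fh;
}
# A symlink inside the directory (skipped quietly where symlinks are unsupported).
eval { symlink(File::Spec->catfile($dir, 'keep.txt'), File::Spec->catfile($dir, 'link')) };

# Constructed inputs standing in for a CGI parameter value.
for my $input ('report.txt', '../keep.txt', '/etc/passwd', "keep.txt\n", 'link', '*', 'missing.txt') {
    my ($ok, $why) = safe_unlink($dir, $input);
    (my $shown = $input) =~ s/\n/\\n/g;
    printf "%-15s %s\n", "'$shown'", $ok ? 'deleted' : "refused ($why)";
}
```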
