unlink can be as harmful as rm on unix systems, or del on windows systems, which is to say on physical level, not very dangerous. As for wiping out a file system, with a little bit of looping, or some wildcards sure its possible.
Given the example you gave about what happens when the file is not there, it will simply return an error to the calling programing. No damage done. Since you mentioned CGI, I would add two cuations.
- If the agruemnts passed to the unlink call are generated from user input, check that input very closely. to amke sure no one can pass in some data to destory files you dont want to destroy.
- Run the webserver software as a low privilage user, and only grant that user access to files it needs
By doing that you can limnmit the potential for logical damage, the second one is espcially nice protection from coding / logic errors. FOr more about good security practices a great resource is chapter 3 of the
online course from our own
Ovid