Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

comment on
( [id://3333]=superdoc: print w/replies, xml ) Need Help?? 
    if(!-w $mp3_file)
      {
        # This shouldn't happen but...
        chmod 0755,$mp3_file;
      }

[download]

Why do you try to make an MP3 file world executable if you can't read it? And why do you make it readable for group and world? Why do you even think about changing the mode of files that are not writeable?

There are usually good reasons for chmod -w somefile and chmod go-rw somefile: I don't want to accidentally modify a file in the first case, and I don't want others to read my files in the second case. Your hardcoded chmod 0755 ignores both. To make things worse, it sets the executable flag, possibly creating a new vulnerability.

I won't start with race conditions between stat (implied in -w) and open, because MP3::Tag has the same problem, so your code does not make it worse in this special case. Generally, one should not try to predict if open fails or succeeds by using stat. It can't work reliably (race condition), and it is not needed. open sets errno a.k.a. $! on error, and errno delivers sufficient information why open failed.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

In reply to Re^2: I need help about MP3::Tag and perl script. by afoken
in thread I need help about MP3::Tag and perl script. by osmy

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":


  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.
Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others meditating upon the Monastery: (3)
As of 2024-04-16 23:19 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found