in reply to Re: Re: Re: Re: How to do that with eval ?
in thread How to do that with eval ?
By 'above' I was refering to my previous post. If you run an eval on user input, the user input could be anything. In this case if the user instead of entering '>=' like we expect, enters ';`sudo rm -rf /`;' this will make the eval execute this extremely damaging command.
For more reasons of how to make sure you are not allowing users to do bad things, please read the perlsec manpage
For more reasons of how to make sure you are not allowing users to do bad things, please read the perlsec manpage
|
|---|
In Section
Seekers of Perl Wisdom