Re: Create unique scratchdir name

<rant>

forget security i not did. Did you read my comment? i said it would depend on circumstance. Feel free to enlighten me on the security reisk in the following...

Let's say I'm using this to name a log file created from a cron job once a day? What's the security hole?

Let's say i use it to name a backup tar file?

Let's say i have a box that only has SSH entry. Don't you think if a hacker got into that I'd be a little more worried about the fact that the'd got in than the fact that they can change a filename?

Everything has a security hole if you someone gets in as root, but sometimes it just doesn't matter. When i write a script on my Windows box that runs once a day to backup stuff, do i worry about security? No, because if someone's on my box and can change my data, security of that script is a mute issue.

Not everything in Perl's on a web server.

Or to continue in the quote vein, "Even a monkey can read Nietche, he just doesn't understand it either." - Jamie Lee Curtis in a Fish Called Wanda.

</rant>

.02

cLive ;-)

--
seek(JOB,$$LA,0);

Comment on Re: Create unique scratchdir name

Replies are listed 'Best First'.
Re: Re: Create unique scratchdir name by hsinclai (Deacon) on May 15, 2002 at 02:25 UTC
Just to second your comment cLive ;-), the earlier unfounded preaching about security was a little on the negative side -- as you say, it absolutely does depend upon circumstance and that snippet was completely out of context! "Secure" in one environment could mean completely "insecure" in some other environment, anyway the snippet (your improved version of it) is going into a utility script which parses text records of hostnames and IP Addresses (into bind zone file format) which unfortunately must be gathered by hand from an NMS environment already in production. Output directories are created however if an IP address fails to pass an integrity test, the script might have to be run another time by the indentured servant operator after correcting the IP. Then the results will have to be gathered so it's actually OK in this environment for anyone and everyone to see and know about these directories, and leaving older directories from the same day will save the servantry from having to learn enough Unix to delete any unwanted directories. This machine is on a private trusted network and the staff is trusted. `$Id: .signature,v .99 Sun May 12 19:48:45 2002 hsinclai Exp $ Program terminated {7} abnormal CONTACT YOUR SUPERVISOR` [download]	[reply] [d/l]

Replies are listed 'Best First'.

Re: Re: Create unique scratchdir name
by hsinclai (Deacon) on May 15, 2002 at 02:25 UTC

$Id: .signature,v .99 Sun May 12 19:48:45 2002 hsinclai Exp $
Program terminated
{7} abnormal   CONTACT YOUR SUPERVISOR
[download]

[reply]
[d/l]