You should only use the single-argument form of system if you have complete control over the strings that are interpolated in the system call. On the practical side, your current script won't work if there are spaces, quotation marks, or other special characters in the filenames.

But maybe more importantly, passing unchecked data directly to the shell is a security no-no. In your case, anyone who can create a file within the working directories of this script can execute any command as the user executing the script. So for example, if you plan to use this script from root's crontab and parse through some data files in joe's home directory, joe could very quickly do some nasty things (i.e, touch "; cat /etc/shadow | mail joe ;")

OK, maybe this example is a little far fetched for this innocuous script, but it's a good habit to avoid single-argument system... if only for the reason that spaces and quotation marks in filenames won't Just Work. Better to use the multi-argument form which bypasses the shell, solving all of these problems: 

system("/bin/cp", "-f", "$dirname/$file", "malign.top");
system("/bin/cp", "-f", "$dirname/$file", "get-model.top");
system("/usr/local/modeller6v2/bin/mod6v2", "$dirname/malign.top");
system("/usr/local/modeller6v2/bin/mod6v2", "$dirname/get-model.top");

[download]
Now the arguments get directly passed via exec, and not through the shell, so the filenames can contain any stuff at all (including spaces & quotes) and the script still works as you'd expect (without doing anything unexpected/insecure).

blokhead

In reply to Re: automating linux commands in perl by blokhead
in thread automating linux commands in perl by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.