unlink can be as harmful as rm on unix systems, or del on windows systems, which is to say on physical level, not very dangerous. As for wiping out a file system, with a little bit of looping, or some wildcards sure its possible.
Given the example you gave about what happens when the file is not there, it will simply return an error to the calling programing. No damage done. Since you mentioned CGI, I would add two cuations.
- If the agruemnts passed to the unlink call are generated from user input, check that input very closely. to amke sure no one can pass in some data to destory files you dont want to destroy.
- Run the webserver software as a low privilage user, and only grant that user access to files it needs
By doing that you can limnmit the potential for logical damage, the second one is espcially nice protection from coding / logic errors. FOr more about good security practices a great resource is chapter 3 of the
online course from our own
Ovid
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.