Well, I was actually making a *shudder*
joke. No, something as simple as injecting /etc/shadow into someone's list of files is not exactly tantamount to a root vulnerability. (But you
should fear if someone injects
etcshadow into your code.)
However, depending on what you were planning to do with that list of files, it might have been a Bad Thing to have /etc/shaddow injected into it... particularly if this script were being run as root.
In case you haven't noticed... using find with -print (which is the defualt command for find) is one of my pet-peeves.
Use -print0 or -exec.
Use -print0 or -exec!
Use -print0 or -exec!!!
example code:
my @files;
{
local $/="\0";
chomp (@files = `find . -print0`);
}
How hard was that? Now you have shut me down. You are l33t, and I am suX0rz.
------------
:Wq
Not an editor command: Wq
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.