comment on

perhaps if I were using the 'e' flag it would be a problem.

You're using string eval, its a problem right now, just because I didn't provide working exploit on purpose

That to me is like saying, "go to your terminal, and type ...

Imagine some user telling you , hey, I can't get your program to work, here is what I tried, and then you enter what the user gives you, and you execute rm -rf

Imagine forgetting how your program works, and accidentally getting rm -rf to execute

You do absolutely nothing to ensure that can't happen. The cheapest option is to use taint (-T).

If this is just a program for personal use, why wouldn't you simply use perl -E ... ?

In reply to Re^7: hex code passed from command line is interpreted literally in substitution by Anonymous Monk
in thread hex code passed from command line is interpreted literally in substitution by Allasso

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.