in reply to Checking for unlinked process executables

Nice! I've got two style nits that I would have used had I written this code:
  1. I try to use significant variable names: $i -> $pid
  2. I always try to reduce the number of indent levels: if -> next
So the body of the code would look like this if I had written it: 
my $pid;

for $pid (0..65536) {
  #test -f $pid/cmdline && (cat $pid/cmdline; echo $pid);
  next unless -f "/proc/$pid/exe";

  my $target = readlink "/proc/$pid/exe";
  next if -f $target;

  open F, "< /proc/$pid/cmdline";
  my @data = <F>;
  print "ALERT: '@data' is running (pid $pid)\n";
  close F;
  local $/ = "\x00";
  open F, "< /proc/$pid/environ";
  @data = <F>;
  print "ALERT: 'environment: @data'\n";
  close F;
};

[download]

Liz

In Section Cool Uses for Perl