Re^3: chroot a directory...

Fair enough about chroot... but there still isn't a reason to NOT use 3-arg open() - is there? Especially when the user input is untrusted.

As per the OP's latest node, if they use:

open (FILE,  "$path")
[download]

(rather than $docroot$path or whatever) then a client could request a $path of ">important.file" which could (depending on permissions) clobber the important file. Using the 3-arg open() suppresses the "special" interpretation of the first character.

s^^unp(;75N=&9I<V@`ack(u,^;s|$.+\`|"$`$'\"$&\"$"|ee;/m.+h/&&print$&

Comment on Re^3: chroot a directory... Select or Download Code