in reply to RE: Is this system call hazardous for my computers health??
in thread Is this system call hazardous for my computers health??

Yes the script does run as root. These are the kind of situations Im woried about. Thank you for these pointers. Then should I rewrite the code as follows? :

if (-e $tmp_dir) {
    if (-l $tmp_dir) { 
       die "Temporary folder $tmp_dir is a symbolic link!\n"
    }else{
       system ("rm","-rf",$tmp_dir);
       mkdir ($tmp_dir) or 
          die "Unable to make temp folder: $tmpdir: $!\n";
    } 
}else{
    mkdir ($tmp_dir) or 
        die "Unable to make temporary folder $tmp_dir: $!\n";
}

[download]

Thanks!
zzspectrez

Replies are listed 'Best First'.
Re: Re: RE: Is this system call hazardous for my computers health??
by BastardOperator (Monk) on Nov 16, 2000 at 05:56 UTC
    Let me direct you to (and I'm by far not trying to pat myself on the back here, but I searched long and hard to come up with what I have, so consider it a smorgesboard (sp?) of my experiences with these same questions) cksec, in particular check out the verifyfile() sub (must carefully read all of the sub) which makes sure a file is what it should be. Also, check out the updatedb() sub, which actually writes to a file and so ensures that it is what it should be.

    I wish I could remember where I found this info, in order to give credit to the author, unfortunately I cannot...wait...ah yes, it's from the book Perl for Systems Administrators, which while having too much Windows stuff for my taste, has some great info.

    Hope I've helped, enjoy!
[reply]

In Section Seekers of Perl Wisdom