in reply to Re^7: Question using system.
in thread Question using system.

I guess the assumption here is that the script is executing with higher privs than the user supplying the arguments? If that's the case, then that's what I was missing. Otherwise, there's nothing to stop the user from just typing "rm -rf /".

In any case, thank you kindly for the explanation. Much appreciated.


-- 
Human history becomes more and more a race between education and catastrophe. -- HG Wells

Re^9: Question using system.
by ikegami (Patriarch) on Jul 10, 2008 at 22:18 UTC

    I guess the assumption here is that the script is executing with higher privs than the user supplying the arguments?

    Not necessarily. Imagine this simple backup script.

    my @to_backup = File::Find::Rule->file()
                                    ->...
                                    ->in('.');

    for my $file_qn (@to_backup) {
        # One-string command: the file name is interpolated into a shell command line.
        open(my $backup, "backup $file_qn |") or die;
        ...
    }

    By running the above, you'd be running commands outside of the script's control, even if there's no intent (malevolent or otherwise) to do so. Fix:

    my @to_backup = File::Find::Rule->file()
                                    ->...
                                    ->in('.');

    for my $file_qn (@to_backup) {
        # List form: no shell is involved; the file name is passed as a single argument.
        open(my $backup, '-|', 'backup', $file_qn) or die;
        ...
    }
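
The difference between the two `open` forms in the reply above, shown as an added example that is not part of the original thread. It assumes a POSIX `/bin/sh`, uses `echo` as a stand-in for the thread's `backup` command, and works on a constructed file name inside a temporary directory.

```perl
#!/usr/bin/perl
# Added example: one-string pipe open vs. list-form pipe open.
# Assumptions: POSIX /bin/sh; `echo` stands in for the thread's `backup` command.
use strict;
use warnings;
use Cwd qw(getcwd);
use File::Temp qw(tempdir);

my $orig = getcwd();
my $dir  = tempdir(CLEANUP => 1);
chdir $dir or die "chdir: $!";

# Constructed sample: a legal file name that contains a shell metacharacter.
my $file_qn = 'report.txt; touch SHELL_RAN';
open(my $fh, '>', $file_qn) or die "create: $!";
close $fh;

# String form: the command line contains a metacharacter, so Perl runs it
# through /bin/sh -c and the shell decides where the command ends.
sub run_string_form {
    my ($name) = @_;
    open(my $pipe, "echo $name |") or die "open: $!";
    my @out = <$pipe>;
    close $pipe;
    return @out;
}

# List form: Perl forks and execs `echo` directly; $name is one argv element.
sub run_list_form {
    my ($name) = @_;
    open(my $pipe, '-|', 'echo', $name) or die "open: $!";
    my @out = <$pipe>;
    close $pipe;
    return @out;
}

for my $case (['string', \&run_string_form], ['list', \&run_list_form]) {
    my ($label, $code) = @$case;
    unlink 'SHELL_RAN';                       # reset the marker between runs
    my @out = $code->($file_qn);
    chomp @out;
    printf "%-6s form: output=[%s] extra command ran: %s\n",
        $label, join('|', @out), (-e 'SHELL_RAN' ? 'yes' : 'no');
}

chdir $orig or die "chdir: $!";               # leave the temp dir so cleanup can remove it
```

The marker file `SHELL_RAN` appears only when the shell has split the file name into a second command, which makes the script usable as a quick check for any other call site that builds a command string from file names.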