Are you dealing with CGI requests? $cgi->remote_addr(). If the web server is setup to do reverse lookup, you can get the address as a domain name from $cgi->remote_host().

If you're dealing with sockets, getpeername.

Thanks everyone. Some more clarity on this...
It is not cgi. I will be executing the remote code using ssh for example : ssh oracle@dbhost1 "/opt/oracle/runroot.pl"
within runroot.pl I want to make sure that the request is originating from an authorized machine.
agreed that authorization etc is handled in a different way.
I tried to use getpeername. however it is not returning anything. looks like I have to open a socket first and sort of listen on the other end then I would be able to get the getperrname(SOCK)?
I guess ssh creates some sort of a socket right? Do I have to create explicit socket to find out the host on the other side? It is complicating things :(
At the peril of sounding foolish, can I just harness the socket created by ssh connection instead? Is it possible?
thanks a lot

Request implies a server, and if it comes from another machine, it implies a socket. That's why I mentioned it.

In fact, there is a socket involved, but it's not connected to STDOUT according to a test.

$ ssh localhost 'perl -E'\''say getpeername(\*STDOUT) || die $!'\'''
Socket operation on non-socket at -e line 1.
[download]

Sorry, I don't know the solution to your problem.

Authorization and authentication are best handled using cryptographic techniques, because nothing in an incoming request packet can be relied upon.   However, in order to properly answer your question we would need to know a great deal more about the situation.   Where are the requests coming from, both geographically and programmatically speaking?   What is the situation here?   Describe the problem in context.

My ssh server sets up some env vars:

$ ssh user@host set | grep -i ssh
SSH_CLIENT='1.2.3.4 52714 22'
SSH_CONNECTION='1.2.3.4 52714 2.3.4.5 22'
[download]

1.2.3.4:52714 is the ssh client
2.3.4.5:22 is the ssh server

Of course, those can be faked. (e.g. ssh oracle@dbhost1 "SSH_CLIENT='127.0.0.1 1234 22' /opt/oracle/runroot.pl")

I'd look to restrict it within ssh, unix permissions, and sudo - not within the script itself.

One possibility: Create a new account on the local machine; make it the owner of the script; in its .ssh profile, allow connections only from the other server. Give the script owner-only permissions (700). Then from the remote host:

ssh oracle2@dbhost1 "/opt/oracle/runroot.pl"
[download]

Or maybe, create the new account as above; but make the script root-owned and 700; and via sudo, allow only the new account to run the script. Then, from the remote host:

ssh oracle2@dbhost1 "sudo /opt/oracle/runroot.pl"
[download]

I think we are going to end up doing this. he list of machines could be 100s so was trying to avoid creating a user...
looks like there is no other way.
planning to see if a simple program with a socket ofcourse client/server model will do...

Your earlier descriptions sounded very much one-to-one. Now, I don't think I understand your problem at all...