Hosting Provided By

RE: Can System() of Perl be bypassed?

From: NESTING, DAVID M (SBCSI) <dn3723(at)sbc.com>
Date: Tue Jan 28 2003 - 17:35:30 EST

-----Original Message-----
From: Brian Hatch [mailto:secprog@ifokr.org] Sent: Thursday, 23 January, 2003 12:44
To: Ian Charnas
Cc: Sandeep Giri; secprog@securityfocus.com Subject: Re: Can System() of Perl be bypassed?

> open2(\*READ, \*WRITE, '/bin/grep', $sanitized_arg,

Note also that in 5.8, if all you're interested in is STDOUT, Perl lets you do this:

open(FH, "-|", "/bin/grep", $sanitized_arg, "/usr/dict/words") or die ...;

This is somewhat equivalent to doing the fork and exec in list form, which would not invoke the shell to parse the command string.

More goodies: http://www.perldoc.com/perl5.8.0/pod/func/open.html

David Received on Tue Jan 28 17:46:14 2003

This message: [ Message body ]
Next message: Crispin Cowan: "Re: safe strcpy()?"
Previous message: Michael McKay: "RE: PGP scripting..."
Maybe in reply to: Sandeep Giri: "Can System() of Perl be bypassed?"
In reply to epicmc(at)optonline.net: "RE: Can System() of Perl be bypassed?"
Next in thread: Brian Reichert: "Re: Can System() of Perl be bypassed?"
Reply: Brian Reichert: "Re: Can System() of Perl be bypassed?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:46 EDT

Do you need help?