FAQ
Hi,

attached patch adds a few words of warning perlop and perlrun, telling
people that <> doesn't open files from @ARGV, but passes them to open()
instead.

Currently this is only documented very indirectly, which might cause
unpleasant surprises.

I don't know if a word of warning should go into perlsec as well, and if
yes, in which section.

Cheers,
Moritz

Search Discussions

  • Paul Johnson at Oct 30, 2008 at 4:55 pm
    On Thu, Oct 30, 2008 at 06:39:44PM +0100, Moritz Lenz wrote:

    Carefully restricting comments to the grammar only:
    +Since the null filehandle uses the two argument form of L<perlfunc/open>
    +it interprets special characters, so if you have a script like this:
    +
    + while (<>) {
    + print;
    + }
    +
    +and call it with C<perl dangerous.pl 'rm -rfv *|'>, it actually opens a
    +pipe, execute the C<rm> command and read C<rm>'s output from that pipe.
    executes and reads
    +If you all items in C<@ARGV> to be interepreted as file names, you can
    If you want

    --
    Paul Johnson - paul@pjcj.net
    http://www.pjcj.net
  • Moritz Lenz at Oct 30, 2008 at 4:57 pm

    Moritz Lenz wrote:
    +If you all items in C<@ARGV> to be interepreted as file names, you can
    that's missing a "want", vincent++.

    Attached patch fixes that.

    Moritz
  • Abigail at Oct 30, 2008 at 6:25 pm

    On Thu, Oct 30, 2008 at 06:58:30PM +0100, Moritz Lenz wrote:
    +
    +and call it with C<perl dangerous.pl 'rm -rfv *|'>, it actually opens a
    +pipe, execute the C<rm> command and read C<rm>'s output from that pipe.
    +If you want all items in C<@ARGV> to be interepreted as file names, you
    interpreted
    +can use the module C<ARGV::readonly> from CPAN.

    Abigail
  • Moritz Lenz at Oct 30, 2008 at 6:29 pm
    Next try, featuring
    use less qw(typos grammaros);

    Thanks to Paul, Abigail and Vincent.

    Moritz
  • Rafael Garcia-Suarez at Oct 30, 2008 at 9:34 pm

    2008/10/30 Moritz Lenz <moritz@casella.verplant.org>:
    Next try, featuring
    use less qw(typos grammaros);

    Thanks to Paul, Abigail and Vincent.
    Thanks, applied as #34670.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupperl5-porters @
categoriesperl
postedOct 30, '08 at 4:38p
activeOct 30, '08 at 9:34p
posts6
users4
websiteperl.org

People

Translate

site design / logo © 2022 Grokbase