RE: Can System() of Perl be bypassed?
From: NESTING, DAVID M (SBCSI) (dn3723@sbc.com)
Date: 01/28/03
- Previous message: Michael McKay: "RE: PGP scripting..."
- Maybe in reply to: Sandeep Giri: "Can System() of Perl be bypassed?"
- Next in thread: Brian Reichert: "Re: Can System() of Perl be bypassed?"
- Reply: Brian Reichert: "Re: Can System() of Perl be bypassed?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "NESTING, DAVID M (SBCSI)" <dn3723@sbc.com> To: secprog@securityfocus.com Date: Tue, 28 Jan 2003 16:35:30 -0600
-----Original Message-----
From: Brian Hatch [mailto:secprog@ifokr.org]
Sent: Thursday, 23 January, 2003 12:44
To: Ian Charnas
Cc: Sandeep Giri; secprog@securityfocus.com
Subject: Re: Can System() of Perl be bypassed?
> open2(\*READ, \*WRITE, '/bin/grep', $sanitized_arg,
> "/usr/dict/words") or die;
Note also that in 5.8, if all you're interested in is STDOUT, Perl lets you
do this:
open(FH, "-|", "/bin/grep", $sanitized_arg, "/usr/dict/words") or die ...;
This is somewhat equivalent to doing the fork and exec in list form, which
would not invoke the shell to parse the command string.
More goodies: http://www.perldoc.com/perl5.8.0/pod/func/open.html
David
- Next message: Crispin Cowan: "Re: safe strcpy()?"
- Previous message: Michael McKay: "RE: PGP scripting..."
- Maybe in reply to: Sandeep Giri: "Can System() of Perl be bypassed?"
- Next in thread: Brian Reichert: "Re: Can System() of Perl be bypassed?"
- Reply: Brian Reichert: "Re: Can System() of Perl be bypassed?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
