
Re: Alarums and Excursions (was [perl #2783] Security of ARGV using2-argument open)

From: Glenn Linderman
Date: July 28, 2008 15:10
Subject: Re: Alarums and Excursions (was [perl #2783] Security of ARGV using2-argument open)
Message ID: 488E43BF.7010908@NevCal.com
On approximately 7/28/2008 11:38 AM, came the following characters from 
the keyboard of Mark Dominus:
> On Mon, 2008-07-28 at 09:58 +0100, Ed Avis wrote:
>> We've done a little survey here 
> 
> I disagree.  You have not, and even if you had, it would probably not be
> worth anything anyway.
> 
>> and IIRC the answers were
> 
> I have used that feature more than once.
> 
> For example, I have a program that generates reports from my web server
> logs which begins:
> 
>         #!/usr/bin/perl -lan
>         
>         BEGIN { 
>           for (@ARGV) {
>             if (/\.gz$/) {
>               $_ = "gzip -dc $_ |";
>             }
>           }
>         }
>         ...


Nary a "while(<>)" in sight in that code snippet.  I guess you are 
preprocessing real file names in preparation for a later "while(<>)"?

Have you shared that code with anyone?  If so, how do you protect them 
from overwriting their file "boo.gz" when they also have a file 
">boo.gz" in the same directory, and invoke your program with

"mark's script" *

I'm sure it is quite safe in your web server environment, which doesn't 
have such names, and is secure from having such names created therein, 
but you shouldn't assume your customers are so lucky.

So programs such as your sample snippet would need an extra line

use magic_argv 'pipes';  # or something similar

to continue working if the change is made in the scope of the 
"while(<>)" statement.

-- 
Glenn -- http://nevcal.com/
===========================
A protocol is complete when there is nothing left to remove.
-- Stuart Cheshire, Apple Computer, regarding Zero Configuration Networking
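The following is an added example written for this page; it is not code from Glenn's or Mark's messages. It shows the hardened counterpart of the quoted BEGIN block: rather than rewriting @ARGV into "gzip -dc $_ |" strings and letting the 2-argument magic open of <> interpret them, every argument is opened explicitly with 3-argument open (for plain files) or list-form pipe open (for .gz files), so a file literally named ">boo.gz" is read as a file instead of truncating boo.gz. The function names open_arg and process_args are assumptions made for this example.

```perl
#!/usr/bin/perl
# Added example (not from the thread): explicit, non-magic opening of
# each command-line argument. Assumed helper names: open_arg, process_args.
use strict;
use warnings;

# Return a read filehandle for one command-line argument, or die.
sub open_arg {
    my ($name) = @_;
    if ($name =~ /\.gz\z/) {
        # List-form pipe open: Perl execs gzip directly, no shell is
        # involved, so '>', '|', spaces and quotes in $name reach gzip
        # verbatim as part of the file name. '--' stops gzip from treating
        # a name that starts with '-' as an option.
        open(my $fh, '-|', 'gzip', '-dc', '--', $name)
            or die "cannot run gzip on '$name': $!";
        return $fh;
    }
    # 3-argument open: '<' is the mode and ALL of $name is the path.
    # With 2-argument open, a name such as ">boo.gz" would instead be
    # parsed as "open boo.gz for writing", which is the clobbering case
    # described above.
    open(my $fh, '<', $name) or die "cannot open '$name': $!";
    return $fh;
}

# Process every argument line by line, the way "perl -n" would, but
# without the magic-open behaviour of the bare <> operator.
sub process_args {
    my @names = @_;
    my $lines = 0;
    for my $name (@names) {
        my $fh = open_arg($name);
        while (my $line = <$fh>) {
            chomp $line;
            $lines++;
            # ... report generation for $line would go here ...
        }
        close $fh or warn "close failed for '$name': $!";  # reaps gzip for pipes
    }
    return $lines;
}

# Stand-alone use: perl this_script.pl access.log access.log.1.gz
if (!caller) {
    my $n = process_args(@ARGV);
    print "processed $n lines\n";
}
```

Invoking this with a shell glob such as `*` in a directory containing a file named ">boo.gz" now results in gzip reporting an error for that name (or reading it, if it is a real gzip file), not in boo.gz being emptied. Later perls (5.22 and up) also provide the `<<>>` operator, which reads @ARGV with 3-argument open semantics and gives the same protection for the plain-file case, though it does not do the gzip preprocessing shown here.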
