develooper Front page | perl.perl5.porters | Postings from March 2000

Ilya Zakharevich <ilya@math.ohio-state.edu>

Thread Next
From:
M.J.T. Guy
Date:
March 17, 2000 06:41
Subject:
Ilya Zakharevich <ilya@math.ohio-state.edu>
Message ID:
E12VxwU-0002mn-00@ursa.cus.cam.ac.uk
Ilya Zakharevich <ilya@math.ohio-state.edu> wrote
> M.J.T. Guy writes:
> > Hmmm... perhaps it can guess.   Suppose we put a test in the perl
> > argument processing "does a file of this name exist?" analogous to
> > the one in Tom's proposed patch.    What genuine usage would that
> > bite?
> 
> Open "foo |" as a file if it exists, or as a pipe otherwise looks like
> a much deeper magic than what one would ever want.

Err... this subthread isn't about magic open  -  its about the
danger of files called things like "-e;system'rm -rf /';".

> Why not use 3-arg open in cases when you do not want magic?

Of course 3-arg open is valuable.    But the original topic of this
thread is "How do we protect people from themselves when they aren't
using 3-arg open?".    In particular with <>, where the option of
3-arg open doesn't exist.


Mike Guy

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About