http://www.perlmonks.org?node_id=971892


in reply to Re^4: Bug in perl command line processing?
in thread Bug in perl command line processing?

Absolutely.

BTW: It doesn't seem to propagate into full-fledged scripts like this:

#!/usr/bin/perl -i'foo e eval "warn q[bar]" ' 1;

From what I can tell, -i has to actually appear on the command-line, which hopefully self-limits its significance as a tool for exploit.


Dave

Replies are listed 'Best First'.
Re^6: Bug in perl command line processing?
by Anonymous Monk on May 22, 2012 at 22:58 UTC

    From what I can tell, -i has to actually appear on the command-line

    Yup,

    $ cat uhoh #!/usr/bin/perl -i.bak e die(666) 1; $ perl uhoh Can't emulate -e on #! line at uhoh line 1.

    which hopefully self-limits its significance as a tool for exploit.

    Hmm, the only exploit situation i an envision is someone naively automating perl, for example from perl

    system $^X, "-i$bak", ...

    which doesn't seem unreasonable. I suppose given that -e commandline documents

    $ perl -e warn(1); -e die(2); 1 at -e line 1. 2 at -e line 2.

    folks might be scared away from automating perl this way, but then again whitespace in paths is not unheard of