Re: security patch for perl 5.6.1


Your skill will accomplish what the force of many cannot
	PerlMonks

Re: security patch for perl 5.6.1

by kutsu (Priest)

on Jan 28, 2005 at 21:41 UTC ( [id://426126]=note: print w/replies, xml )

Need Help??

in reply to security patch for perl 5.6.1

This issue is likely due to a design error that causes the application to fail to verify the existance of a file before writing to it.

This isn't an error, and is easily avoidable, with two different methods, like this:

if (-e '/path/to/somefile') #method one (perldoc -f -X)
{
  #method two (die statements, see perldoc -f open)
  open(OUTFILE, ">>/path/to/somefile") or die "can't open file: $!";
  #or
  open(INFILE, "/path/to/somefile") or die "can't open file: $!";
}
[download]

Update: Added reference to filetest (-X) perldoc

"Cogito cogito ergo cogito sum - I think that I think, therefore I think that I am." Ambrose Bierce

Comment on Re: security patch for perl 5.6.1 Download Code

Replies are listed 'Best First'.
Re^2: security patch for perl 5.6.1 by Qiang (Friar) on Jan 29, 2005 at 05:56 UTC
I havn't taken time to read various related holes. but if the fix is that easy as you stated, I am willing to do it by myself. otherwise, it looks like I have to upgrade to the latest perl.	[reply]

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://426126]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others romping around the Monastery: (3)

As of 2024-04-19 20:41 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found