Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked
 
PerlMonks  

Re^3: Practical example of "Is Perl code maintainable" (File::stat)

by tye (Sage)
on Aug 14, 2007 at 02:39 UTC ( #632371=note: print w/replies, xml ) Need Help??


in reply to Re^2: Practical example of "Is Perl code maintainable" (golf)
in thread Practical example of "Is Perl code maintainable"

It is even easier to avoid it by not using the module at all. The amount of code required to replace the module is small enough that it is hardly worth using the module unless it provides a marked interface improvement, which it comes close to doing. Perhaps before Perl 5.8 it fully succeeded.

And I think it would only require (any number of) minimal changes to the module for it to be generally useful to me. As is, it just misses the mark except in limited situations. Offering to export stat()/lstat() with non-conflicting names [Stat()/LStat()] and populate() with a better name1 would certainly suffice.

1 StatHash(stat _) ? Except File::stat doesn't produce a hash. It produces a Class::Struct object. So $st= StatObj( -d ? stat _ : lstat ) for $fileName;.

- tye        

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://632371]
help
Chatterbox?
[Corion]: Otherwise, I would imagine that a user with a process still alive would lock that information in memory.
[davido]: so last -f /var/run/utmp on ubuntu provides similar (though more verbose) info
[oiskuu]: glibc getlogin just does ttyname() and falls back on getutline(); it's not security related at all. (reminds me of sendmail and remote finger services of the naive early spam era)
[Corion]: But yes, "who started this process" is interesting information :)
[tye]: no, I really believe that "login user" was added as a fundamental bit of info about each process in order to enhance the usefulness of auditing
[Corion]: Ah - if that information is saved in a file, then you could theoretically spam that file and confuse getlogin(). So, don't use it for authentication :)
[tye]: that is what getlogin() certainly *used* to do. I don't believe that is what it certainly should do.
[davido]: /var/run/utmp is 664 i think.
[tye]: Note that my "man getlogin" says that it uses stdin when it should use /dev/tty (calling a glibc bug). But that does not appear to be the case when I test it. But maybe Perl's getlogin() is not using glibc's getlogin().
[oiskuu]: well, run a strace and see what the getlogin does for you.... As I said. SELinux probably has those security labels. But not regular linux.

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (9)
As of 2017-06-23 19:42 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    How many monitors do you use while coding?















    Results (554 votes). Check out past polls.