Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

Re^3: and untainting

by Just in (Sexton)
on Jul 29, 2009 at 08:11 UTC ( #784155=note: print w/replies, xml ) Need Help??

in reply to Re^2: and untainting
in thread and untainting

I'm surprised that env_untaint was written that way. 0022 as a umask is 755 permission wise which gives the idea that r and x for group members and everyone else actually works for Windows in a Linux/UNIX way.

Reading stat under perlfunc years ago led me to believe that only a handful of the 13 elements actually worked under Windows. Looking at it now hints that there maybe some cause for doubt - "Not all fields are supported on all filesystem types".

The concept of group and everyone for Windows does work under domains but not directories, which is why stat returns 0777 even on readonly.

Shortcoming of stat - I'd say so, but it's not actually since we're given warning. To get directories that you can't write to I'd use Win32::File so

and not ((stat($_))[2] & 0022)


and ( $attr & READONLY )

I was going to go through the bitwise & permissions that would yield 0 with 0022, but I actually came on PM to look for something else and now it's home time :p

Just in

P.S. your box is fine

Replies are listed 'Best First'.
Re^4: and untainting
by syphilis (Chancellor) on Jul 30, 2009 at 09:43 UTC
    and ( $attr & READONLY )

    That doesn't seem to do quite the same thing. GetAttributes() tells me that neither C:/Windows/System32 nor many of the files in it are READONLY. Yet, I can't write to that directory, or to any of the files in it.


      GetAttributes() (from Win32::File) returns the file attributes that were invented around 1980 for MS-DOS, namely ARCHIVE, DIRECTORY, HIDDEN, READONLY, and SYSTEM, plus three new using the remaining bits of a byte, invented somewhere around Windows 98 or NT 4.0: OFFLINE, COMPRESSED, and TEMPORARY. Again, these attributes do not have any relation to the ACLs. Win32::Security::ACL should be able to access the ACLs and to tell you why you can't write to the directory.


      Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
        Thanks for that. A CPAN search for Win32::Security::ACL also turned up Win32::FileSecurity. I haven't yet got into the finer details of comparing them.


Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://784155]
[Discipulus]: we too; using opsview alarms
[marto]: the key word: outsourcing ;)
[Corion]: marto: Yeah, feels like that ;) You could set up the cronjob that auto-creates tickets :-))
[marto]: the ticketing system does not accept calls via email, nor has it a working API. It's tied into Active Directory for authentication and the Solaris boxes aren't on that domain
[Corion]: The one thing I haven't figured out a solution to is how to get an edge-trigger instead of sending an email every 5 minutes if the usage is above 90%. I want one mail when it goes over 90% but no more emails as long as it stays between 90% and 95%.
[Corion]: marto: Clever! ;)
[Corion]: You can only reach me by pager
[Corion]: Maybe the solution would be to launch a cron job every minute that takes two measurements a minute apart and sends a mail if the usage is below on the first and above threshold on the last measurement
[marto]: that's essentially it :)
[marto]: I think the long term solution would be to have sysadmins that do their job, so I don't have to do everything :P

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (9)
As of 2017-01-24 10:10 GMT
Find Nodes?
    Voting Booth?
    Do you watch meteor showers?

    Results (203 votes). Check out past polls.