Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

Re^3: How to get screenshort using PERL?

by almut (Canon)
on Apr 28, 2010 at 15:13 UTC ( [id://837330]=note: print w/replies, xml ) Need Help??


in reply to Re^2: How to get screenshort using PERL?
in thread How to get screenshort using PERL?

You still invoke the default shell

Actually, this particular example wouldn't invoke a shell, because there are no shell metacharacters in the command. 

$ strace -f -eexecve perl -e 'system("import -window root MyScreenshot
+.png")'
execve("/usr/local/bin/perl", ["perl", "-e", "system(\"import -window 
+root MySc"...], [/* 31 vars */]) = 0
Process 20945 attached (waiting for parent)
Process 20945 resumed (parent 20944 ready)
[pid 20945] execve("/home/almut/bin/import", ["import", "-window", "ro
+ot", "MyScreenshot.png"], [/* 31 vars */]) = -1 ENOENT (No such file 
+or directory)
[pid 20945] execve("/usr/local/sbin/import", ["import", "-window", "ro
+ot", "MyScreenshot.png"], [/* 31 vars */]) = -1 ENOENT (No such file 
+or directory)
[pid 20945] execve("/usr/local/bin/import", ["import", "-window", "roo
+t", "MyScreenshot.png"], [/* 31 vars */]) = -1 ENOENT (No such file o
+r directory)
[pid 20945] execve("/usr/sbin/import", ["import", "-window", "root", "
+MyScreenshot.png"], [/* 31 vars */]) = -1 ENOENT (No such file or dir
+ectory)
[pid 20945] execve("/usr/bin/import", ["import", "-window", "root", "M
+yScreenshot.png"], [/* 31 vars */]) = 0

[download]

As you can see, the import is being run directly.

(Add a ';' (metacharacter) at the end of the command, and it will run the command via a shell...)

Replies are listed 'Best First'.
Re^4: How to get screenshort using PERL?
by afoken (Chancellor) on Apr 29, 2010 at 12:18 UTC
    Actually, this particular example wouldn't invoke a shell ...

    Right. But the next logical step will probably cause both invoking a shell and opening a security hole:

    Depending on the beginners experience, the call may change to system("import -window root $filename") (very naive) or system("import -window root '$filename'") (a little bit of experience, but still wrong).

    With a proper multi-argument system() (i.e. system('import','-window','root','MyScreenshot.png')), it is very unlikely to happen. We may see some cargo cult, like putting the filename in quotes (system('import','-window','root',"$filename")), but that does not cause any problems (except perhaps some wasted CPU cycles).

    And for extra bonus points, the import utility would be called with an absolute path, to avoid the dependancy on $ENV{'PATH'}. That would also save a lot of CPU cycles trying to find import.

    Alexander

    --
    Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://837330]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others sharing their wisdom with the Monastery: (4)
As of 2024-04-24 07:11 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found