http://www.perlmonks.org?node_id=537706


in reply to What is wrong with variable?

if( $line =~ /^Subject: `(.*)`/ ){ system(`$1`); last }

I hope that's an extract from a script that does some extract checking, because if you're blindly executing commands that come in on subject lines to emails, you are setting yourself up for some major hurt. I've seen random spam come in with backquotes around the subject body.

Replies are listed 'Best First'.
Re^2: What is wrong with variable?
by w3b (Beadle) on Mar 19, 2006 at 04:35 UTC
    It's test version, if it work i'll add authorization function...
      Authorization is the second step, before that you will need an authentication check to make sure that the one who logs in is indeed who (s)he says (s)he is (that is the usual login-id and password stuff).

      It is a bit difficult to see how you can authenticate through e-mail (perhaps putting the log-in and password in the body of the e-mail? But that is not secure at all as anybody who intercepts the e-mail will know your log-in and password). Simply checking for the e-mail address of the sender is of course not enough as e-mail headers are far too easily spoofed. Anyone who has taken the Spam 101-course will know how to do it.

      CountZero

      "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law