Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Re^2: conf file in Perl syntax

by afoken (Prior)
on Jun 11, 2009 at 11:23 UTC ( #770607=note: print w/ replies, xml ) Need Help??


in reply to Re: conf file in Perl syntax
in thread conf file in Perl syntax

Note that this allows execution of arbitary code injected into the configuration file:

$config = { host_1 => '192.168.1.1', host_2 => '192.168.1.2', host_3 => '192.168.1.3', host_4 => '192.168.1.4', you_will_have_a_really_bad_day => `rm -rf /`, }

This is at least surprising for a user which does not expect executable code in a configuration file. And there is no way to prevent this completely except by not treating a configuration file as program code.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)


Comment on Re^2: conf file in Perl syntax
Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://770607]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (12)
As of 2015-07-28 09:06 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (254 votes), past polls