Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options

UGU file rename script (GOLF?)

by jptxs (Curate)
on Jul 20, 2001 at 00:01 UTC ( #98216=perlmeditation: print w/replies, xml ) Need Help??

here's a script that Unix Guru Universe sent out today as a "good" script to use to rename a bunch of files with a simple regex as an ARG to determine how to rename. thought it may be fun to GOLF it =)

#!/usr/bin/perl # rename: renames files according to the expr given on the command lin +e. # The expr will usually be a 's' or 'y' command, but can be any valid # perl command if it makes sense. Takes a list of files to work on or # defaults to '*' in the current directory. # e.g. # rename 's/\.flip$/.flop/' # rename *.flip to *.flop # rename s/flip/flop/ # rename *flip* to *flop* # rename 's/^s\.(.*)/$1.X/' # switch sccs filenames around # rename 's/$/.orig/' */*.[ch] # add .orig to your source fil +es in */ # rename 'y/A-Z/a-z/' # lowercase all filenames in . # rename 'y/A-Z/a-z/ if -B' # same, but just binaries! # rename chop *~ # restore all ~ backup files use Getopt::Std; my ($subst, $name); if (!&getopts("nfq") || $#ARGV == -1) { die "Usage: rename [-fnq] <perl expression> [file file...] -f : Force the new filename even if it exists already -n : Just print what would happen, but don't do the command -q : Don't print the files as they are renamed e.g. : rename 's/\.c/.c.old/' * rename -q 'y/A-Z/a-z/' *\n"; } $subst = shift; # Get perl command to work on @ARGV = <*> if $#ARGV < 0; # Default to complete directory foreach $name (@ARGV) { $_ = $name; eval "$subst;"; die $@ if $@; next if -e $_ && !$opt_f; # Skip if the file exists if asked to. mext if $_ eq $name; if ($opt_n) { print "mv $name $_\n"; next; } print "mv $name $_\n" if !$opt_q; rename($name,$_) or warn "Can't rename $name to $_, $!\n"; }

We speak the way we breathe. --Fugazi

Replies are listed 'Best First'.
Re: UGU file rename script (GOLF?)
by myocom (Deacon) on Jul 20, 2001 at 00:08 UTC

    While you're golfing, you might want to add the tiniest bit of security, for heaven's sake. String eval is a potentially very bad thing.

    rename '`rm -rf /`' foo
      `rm -rf /` in an eval would execute rm with the user's own permissions. If the user can run rename '`rm -rf /`' on the command line, they could just as easily run rm -rf / directly.

      In other words, as long as you don't do something foolish like make the rename script setuid or create a web interface to it, I would argue that this script has no inherent security issues.

        I understand that it would execute rm with the user's own permissions. And that may not be a problem for this particular application (though I would never deploy it on *my* network).

        I'm more concerned that this sort of code will get passed on to a different application (cargo-cult style), where security *does* matter. To my thinking, there should at least be a comment about security in there by the eval.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlmeditation [id://98216]
Approved by root
[Corion]: Hmmm - and now that I look at it, the gallery I'm using doesn't produce non-Javascript compatible links in the sense that hotlinking to an image will only work for Javascript enabled...
[Corion]: On the other hand, maybe supporting non-Javascript isn't that much a priority, and I'm not exactly sure how I could make it work for both kinds of browsers without server-side magic
[Corion]: Should I ever come across far too much money, this would become my evil maniac lair ;)

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (11)
As of 2017-02-27 08:34 GMT
Find Nodes?
    Voting Booth?
    Before electricity was invented, what was the Electric Eel called?

    Results (377 votes). Check out past polls.