Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Re^2: perl vs she-bang perl

by mpersico (Beadle)
on Mar 07, 2013 at 17:08 UTC ( #1022274=note: print w/ replies, xml ) Need Help??


in reply to Re: perl vs she-bang perl
in thread perl vs she-bang perl

After I sent my reply above, I went off and did a rather involved exploration of /proc and ps that I was going to post here. But, as a result of that work, and a discussion of it with a colleague, I came to the conclusion that using any external means of determining a process' own start up command is potentially inaccurate and a potential security breach.

How?

Well, you can lie to exec about what $0 is in the first place (see http://perldoc.perl.org/functions/exec.html and search for lie). And the lie will be propagated in /proc and ps, so using those are no better than using $0. Additionally, I would imagine that mucking around with your environment (especially $ENV{PATH}) before calling exec on a naked perl command could be the potential security hazard.

I am convinced that the safest way for a Perl program to re-invoke yourself is to build the command as follows:

  • Use $^X in place of the perl command you might determine externally.
  • Use Devel::PL_origargv for arguments/options to Perl itself.
  • Use $0 for the script name (although this can be fraught with peril, as noted above).
  • Use a copy of @ARGV before any getopt processing.
  • Put all of these in an array and use the exec(@array) form, not the exec("@array") string form.

Still sounds like an operation worth of a module. Potential names anyone? Reinvoke? Groundhog ? :-)


Comment on Re^2: perl vs she-bang perl
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1022274]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (6)
As of 2014-12-20 15:54 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (96 votes), past polls