Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

Re^2: Wget using backquotes

by hacker (Priest)
on Feb 18, 2007 at 19:07 UTC ( #600736=note: print w/ replies, xml ) Need Help??


in reply to Re: Wget using backquotes
in thread Wget using backquotes

As I previously mentioned... you want IPC::Run or IPC::Open3...

You do not want to use system here either. Well ok, you CAN use system in "list mode" here to avoid spawning a shell, but this is NOT what zentara showed you, that approach is unsafe.

Using "backticks" (otherwise properly known as "accent grave" is deathly unsafe, and you should never use anything of the sort. From the pod:

IPC::Open3, open3 - open a process for reading, writing, and error handling

Also, you should be using one of the standard LWP modules here, and catching the response codes that come back, instead of relying on a userland binary (which can easily be faked, opening a hole in your system).

If you don't value the security of the system, then go ahead and implement the unsafe, incorrect approach.


Comment on Re^2: Wget using backquotes
Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://600736]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (8)
As of 2014-12-27 06:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (176 votes), past polls