PerlMonks  

Re^4: Bug in perl command line processing?

by demerphq (Chancellor)
on May 22, 2012 at 21:41 UTC ( #971887=note )


in reply to Re^3: Bug in perl command line processing?
in thread Bug in perl command line processing?

Yes, but to me that is THE bug.

---
$world=~s/war/peace/g


Re^5: Bug in perl command line processing?
by davido (Archbishop) on May 22, 2012 at 21:50 UTC

    Absolutely.

    BTW: It doesn't seem to propagate into full-fledged scripts like this:

    #!/usr/bin/perl -i'foo e eval "warn q[bar]" '
    1;

    From what I can tell, -i has to actually appear on the command-line, which hopefully self-limits its significance as a tool for exploit.


    Dave

      From what I can tell, -i has to actually appear on the command-line

      Yup,

      $ cat uhoh
      #!/usr/bin/perl -i.bak e die(666)
      1;
      $ perl uhoh
      Can't emulate -e on #! line at uhoh line 1.

      which hopefully self-limits its significance as a tool for exploit.

      Hmm, the only exploit situation I can envision is someone naively automating perl, for example from perl

      system $^X, "-i$bak", ...

      which doesn't seem unreasonable. I suppose given that -e commandline documents

      $ perl -e warn(1); -e die(2);
      1 at -e line 1.
      2 at -e line 2.

      folks might be scared away from automating perl this way, but then again whitespace in paths is not unheard of
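
The automation case raised in the thread, `system $^X, "-i$bak", ...`, can be guarded on the caller's side. The following is an added example, not code from any poster in this thread: `inplace_switch` and `edit_in_place` are hypothetical helper names, and treating whitespace as the character to reject in the suffix is an assumption based on the behaviour shown above.

```perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Hypothetical helper: build the -i switch only from a suffix that cannot
# be split into further switches. Assumption: whitespace is the separator
# to reject; control characters are rejected as well.
sub inplace_switch {
    my ($bak) = @_;
    die "backup suffix is undefined\n" unless defined $bak;
    die "backup suffix contains whitespace or control characters\n"
        if $bak =~ /[\s\x00-\x1f\x7f]/;
    return "-i$bak";
}

# Hypothetical alternative: edit in-process via $^I, so the suffix never
# passes through perl's command-line switch parsing at all.
sub edit_in_place {
    my ($bak, $code, @files) = @_;
    return unless @files;               # with no files, <> would read STDIN
    local ($^I, @ARGV) = ($bak, @files);
    while (<>) {
        $code->();                      # callback modifies $_
        print;                          # goes to the file being rewritten
    }
    return;
}

# Constructed sample input, created in a temporary directory.
my $dir  = tempdir(CLEANUP => 1);
my $file = "$dir/sample.txt";
open my $out, '>', $file or die "open $file: $!";
print {$out} "war\n";
close $out or die "close $file: $!";

# The suffix from the thread is refused before it reaches a command line.
my $ok = eval { inplace_switch('.bak e die(666)'); 1 };
print $ok ? "accepted\n" : "rejected: $@";

# A well-formed suffix is passed as a single list element to system().
system($^X, inplace_switch('.bak'), '-pe', 's/war/peace/g', $file) == 0
    or die "perl exited with status $?\n";

# A suffix containing a space is harmless when set through $^I.
edit_in_place('.orig copy', sub { s/peace/quiet/g }, $file);
```

The second helper is the option to reach for when backup names or paths may legitimately contain whitespace, since rejecting them outright would break those callers.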
