in reply to Re^3: Bug in perl command line processing?in thread Bug in perl command line processing?
Yes, but to me that is THE bug.
BTW: It doesn't seem to propagate into full-fledged scripts like this:
#!/usr/bin/perl -i'foo e eval "warn q[bar]" '
From what I can tell, -i has to actually appear on the command-line, which hopefully self-limits its significance as a tool for exploit.
From what I can tell, -i has to actually appear on the command-line
$ cat uhoh
#!/usr/bin/perl -i.bak e die(666)
$ perl uhoh
Can't emulate -e on #! line at uhoh line 1.
which hopefully self-limits its significance as a tool for exploit.
Hmm, the only exploit situation i an envision is someone naively automating perl, for example from perl
system $^X, "-i$bak", ...
which doesn't seem unreasonable.
I suppose given that -e commandline documents
$ perl -e warn(1); -e die(2);
1 at -e line 1.
2 at -e line 2.
folks might be scared away from automating perl this way, but then again whitespace in paths is not unheard of
Throwing nuclear weapons into the sun
Making everybody on Earth disappear
A threat from an alien with a mighty robot
A new technology or communications medium
Providing a magic fish to a Miss Universe
Establishing a Group mind
Results (181 votes). Check out past polls.