perlmeditation
Juerd
<p>
In #perlhelp on EFnet, someone said:
<code>
14:01 < mauke> Is this a feature? mkdir tmp; cd tmp; touch 'echo Hello, world |'; perl -pe1 *
14:03 < mauke> Even better: touch 'rm -rf `echo \\\\57` |'; perl -pe1 *
</code>
The first one is safe to run. It prints "Hello, world". The second one is on most systems not safe to run. It deletes everything it can, starting at /.
</p>
<p>
This feature is documented in [perlop]:
<blockquote>
You can even set them to pipe commands. For example, this automatically filters compressed arguments through gzip:
<code> @ARGV = map { /\.(gz|Z)$/ ? "gzip -dc < $_ |" : $_ } @ARGV;</code>
</blockquote>
</p>
<p>
So all code using the filehandle ARGV (this includes oneliners using -n or -p) is unsafe if used with shell globs.
</p>
<p>
Unfortunately, -p and -n are used in a LOT of places. Often in scripts that cron starts once a day. Often running as root. I found 5 root holes on my server system.
</p>
<p>
The fix is easy, but a lot of typing, which isn't handy for oneliners. You should open the files explicitly, using 3-argument [open].
</p>
<p>
Too bad this is a feature. If it weren't documented, I'd say it's a bug and a very scary one too.
</p>
<p>
:(
</p>
<p><font color="#800000">
Juerd
# { site => '<a href="http://juerd.nl/" target="_blank"><font color="#800000">juerd.nl</font></a>', plp_site => '<a href="http://plp.juerd.nl/" target="_blank"><font color="#800000">plp.juerd.nl</font></a>', do_not_use => '<a href="mailto:spamcollector_perlmonks@juerd.nl" target="_blank"><font color="#800000">spamtrap</font></a>' }
</font></p>