Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re^2: Stop Using Perl pt. 2

by sushi (Initiate)
on Dec 29, 2015 at 14:21 UTC ( #1151359=note: print w/replies, xml ) Need Help??


in reply to Re: Stop Using Perl pt. 2
in thread Stop Using Perl pt. 2

Actually, by "hashes and arrays are considered secure", he meant that Perl developers do not consider hashes, arrays, or elements of either to be controlled by user input - not requiring sanitation.

By 'productive' I meant that he actually found some serious gotcha's rather than complaining about basic language features. Like, I had no idea about <$file> when $file is actually ARGV or whatever he went on about.

Replies are listed 'Best First'.
Re^3: Stop Using Perl pt. 2
by Corion (Pope) on Dec 29, 2015 at 15:21 UTC

    Even if you use the relatively safe three-argument version of open, you need to sanitize the user input. Ideally, you would never use user input to open a file or pass user input to an operating system function, which is where open basically ends up at. If you open files from user input and don't use three-argument open, you get what you deserve. This is documented in I/O Operators, but maybe not in such direct words.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1151359]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (8)
As of 2019-11-12 10:52 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Strict and warnings: which comes first?



    Results (65 votes). Check out past polls.

    Notices?