in reply to Two-arg open() considered dangerous
For the most part, doesn't this "security danger" simply come down more to the vetting of parameters passed to functions, rather than the functions themselves? I mean, with the use of taint mode (-T), such an open statement would not be allowed as it (presumably) represents a passed parameter which has not been vetted prior to its passing onto open.
I do however agree with you most heartedly on the matter of sysopen() - A most underused and useful function ...
perl -e 's&&rob@cowsnet.com.au&&&split/[@.]/&&s&.com.&_&&&print'
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Re: Two-arg open() considered dangerous
by chip (Curate) on Dec 13, 2001 at 00:22 UTC | |
by rob_au (Abbot) on Dec 13, 2001 at 04:37 UTC | |
by chip (Curate) on Dec 13, 2001 at 04:39 UTC | |
by rob_au (Abbot) on Dec 13, 2001 at 04:48 UTC | |
by chip (Curate) on Dec 13, 2001 at 04:54 UTC |
In Section
Meditations