Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Creating .cgi Scripts On the fly

by ACJavascript (Acolyte)
on Jan 21, 2003 at 00:14 UTC ( [id://228531]=perlquestion: print w/replies, xml ) Need Help??

ACJavascript has asked for the wisdom of the Perl Monks concerning the following question:

Hail perl monks, bringer of the perl LOL...

Hello, I know how to create a db file or .cgi file on the fly.
But my question is with the CMHOD part.

you can easily create a file on a server with (if its not there already)

open(Data,">$FileName.db") || print "Cant' write new file";

But i want to write a .cgi file on the fly. So I do the same thing

open(Data,">$FileName.cgi") || print "Canlt write new file";
# Rest of code to write into

Now it works just fine, but it is chromed to 644. CGI Files have to be CHMOD to 755. So how could I do this? CHMOD it to 755 on the fly like that?

Oh and no code in the CGI.pm module please. :)

THanks everyone in advance!
A*C

Replies are listed 'Best First'.
Re: Creating .cgi Scripts On the fly
by diotalevi (Canon) on Jan 21, 2003 at 02:05 UTC

    You were looking for chmod. What you weren't looking for but still need is a general critique of whatever it is that you're doing. Unfortunately you didn't provide enough information to be helpful for this concern. The long and short of it is that your proposition scares the begeezus out of me. I'm very concerned that you either aren't going to take the nessessary care to do this safely or that you aren't aware of all the issues. Would you post more about what you're doing that requires you to create new executables?


    Added: I reviewed your posting history and I'm guessing that you are writing some sort of game. Perhaps as a means for learning perl. If so bravo! Doubleplus bravo for find perlmonks.org, hanging around and asking questions. At this point I'm primarily concerned with two issues - malicious code injection and file locking. The first one is why I started this response in the place.

    I don't know how you are generating the contents of these scripts or what their filenames are but you must be particularly careful to prevent user-supplied data from getting into these. Where it's not possible to prevent user-supplied data from going here you must be extra vigilant that it's vetted to be ok. This is where perlsec and taint becomes your friend. Once you've assured yourself of those requirements then you need to start looking at file locking. Your use of open(FILE,'>file.txt') is prone to clobbering and loss of data.

    If you start posting your code then you can get some actually helpful help. Mostly this response just exists to let you know that there are serious problems with your approach and that I'd like to help but don't have enough information.


    Seeking Green geeks in Minnesota

Re: Creating .cgi Scripts On the fly
by pfaut (Priest) on Jan 21, 2003 at 00:21 UTC

    After closing the file (at that point you'll know if its contents are correct), you can use chmod 0755,"FileName.cgi";

    --- print map { my ($m)=1<<hex($_)&11?' ':''; $m.=substr('AHJPacehklnorstu',hex($_),1) } split //,'2fde0abe76c36c914586c';
      THANK YOU VERY MUCH!!!!!!!!!!!!!!!!

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://228531]
Approved by dash2
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chanting in the Monastery: (8)
As of 2024-07-12 13:53 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?
    erzuuli‥ 🛈The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.