Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: Reading .cfg file

by afoken (Chancellor)
on Jul 18, 2009 at 10:29 UTC ( [id://781300]=note: print w/replies, xml ) Need Help??


in reply to Reading .cfg file

This ...

my $rc = do($file);

... is extremely dangerous. The .cfg file is EXECUTED as Perl code. Imagine a config file containing one or more of the following lines:

$foo=`rm -rf /`;
$bar=qx/rm -rf \//;
s|(?{exec qw(rm -rf /)})||;
system 'rm -rf /';

[download]

See also: Re^2: conf file in Perl syntax, Re: reading commands from configuration file

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://781300]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others avoiding work at the Monastery: (5)
As of 2024-04-19 09:47 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found