drieux wrote:
> ...
> think about the case of
>
> $file = '/path/to/file ; ( find / -print | xargs rm -r -f )';
> system("md5 $file");
>
> DO NOT TRY THAT ONE AT HOME KIDDIES!!!!
Wouldn't
system('md5', $file);
Be safer, since the list form of system() bypasses the shell? Consider:
$ perl -e "system('md5 /etc/passwd; echo Hello')"
MD5 (/etc/passwd) = 232522a1340d0956071c7b8b005a627b
Hello
versus:
$ perl -e "system('md5','/etc/passwd; echo Hello')"
md5: /etc/passwd; echo Hello: No such file or directory
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
