On 7/29/07, Mr. Shawn H. Corey <[EMAIL PROTECTED]> wrote:
> The recommended usage of open is:
>
> open my $omarfh, '<', 'junk' or die "Input file 'junk' cannot be opened:
> $!";
>
> The three argument is preferred as a malicious user could enter a file name
> that starts with '>'
It is preferred in code that accepts file names as user input and
doesn't perform taint checking. If the program uses a hard-coded
filenames, then no hurt, no foul. There can be no malicious user until
there is first a user.
Now OP knows at least three ways to tackle the problem. Yay! We're
learning! That's what this list is for.
if ( $my_way eq $only_way) {
die "PEBCAK error: programmer malfunction"
} else {
print <<EOF;
Rule #1: TIMTOWTDI.
Rule #2: If someone tells you otherwise, see rule #1.
EOF
}
-- jay
--------------------------------------------------
This email and attachment(s): [ ] blogable; [ x ] ask first; [ ]
private and confidential
daggerquill [at] gmail [dot] com
http://www.tuaw.com http://www.downloadsquad.com http://www.engatiki.org
values of β will give rise to dom!
