Cleaning Up Your Environment

When you execute another program from within your Perl script, no matter how, Perl checks to make sure your PATH environment variable is secure. Since it came from your environment, your PATH starts out tainted; so, if you try to run another program, Perl raises an “Insecure $ENV{PATH}” exception. When you set it to a known, untainted value, Perl makes sure that each directory in that path is nonwritable by anyone other than the directory’s owner and group; otherwise, it raises an “Insecure directory” exception.

You may be surprised to find that Perl cares about your PATH even when you specify the full pathname of the command you want to execute. It’s true that with an absolute filename, the PATH isn’t used to find the executable to run. But there’s no reason to trust the program you’re running not to turn right around and execute some other program and get into trouble because of the insecure PATH. So Perl forces you to set a secure PATH before you call any program, no matter how you say to call it.

The PATH isn’t the only environment variable that can bring grief. Because some shells use the variables IFS, CDPATH, ENV, and BASH_ENV, Perl makes sure that those are all either empty or untainted before it will run another command. Either set these variables to something known to be safe or delete them from the environment altogether:

    delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # Make %ENV safer

Features convenient in a normal environment can become security ...
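
The environment cleanup described above, shown end to end as an added example (not code from the book): the same absolute-path command is refused while PATH is still tainted and accepted once the environment has been cleaned. The PATH value /usr/bin:/bin, the command /bin/echo, and the helper name try_run are assumptions made for the illustration.

```perl
#!/usr/bin/perl -T
# Run as "perl -T script.pl" or as an executable file: with -T on the
# #! line, Perl requires the switch on the command line as well.
use strict;
use warnings;

# ${^TAINT} is nonzero only when taint checks are enabled.
die "taint mode is off; run with -T\n" unless ${^TAINT};

# Hypothetical helper: run a command in list form (no shell) and return
# the taint exception text, or an empty string if Perl allowed the call.
sub try_run {
    my @cmd = @_;
    my $ok = eval { system(@cmd); 1 };
    return $ok ? '' : $@;
}

# 1. Inherited environment. PATH is tainted, so Perl refuses to run the
#    command even though it is named by its full pathname.
my $err = try_run('/bin/echo', 'hello');
print 'before cleanup: ', ($err ne '' ? $err : "command ran\n");

# 2. Assign PATH from a literal in the program (literals are untainted),
#    then drop the shell-related variables Perl also checks.
#    Assumption: these directories exist and are writable only by their
#    owner and group; otherwise Perl raises "Insecure directory".
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};   # Make %ENV safer

# 3. The same call is now permitted.
$err = try_run('/bin/echo', 'hello');
print 'after cleanup: ', ($err ne '' ? $err : "command ran\n");
```

Because the taint failures are ordinary exceptions, the eval in try_run traps them; a production script would normally do the cleanup once at startup and let any remaining taint exception abort the program.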