Is it possible to hardcode the location of wget? I am wondering if calling a program with a non-specific location in 'system' is what is causing the problem (have a look at perldoc perlsec for what I mean). I guess the other question I have is what does this have to do with booting the system, and should it really run at boot time or maybe be scheduled in something like cron? This might also be better answered by the regular beginners list as it has little to do with CGI, but I know there are several cross posters (like myself).

http://danconia.org

Alex Blum wrote:
hi there.

I have this problem:
there's a script, that runs just fine, until it dives into a subroutine,
where it is supposed to chmod() and chown() a bunch of files - but fails
miserably because of the taint mode...
ok. there's two options:
1. I'm lazy and don't care much about security and just take out the
taintmode
or
2. I fix this.

at http://www.developer.com/open/article.php/631331 the author mentions chmod() and chown() as being considered dangerous by perl (obviously).

can someone help me please? I'm stuck with this, and don't know how to
solve the problem. just in case: I did read
"Chapter 23. Security" of programming perl (3rd edition) and still don't
know any way out of this...

script is being run at boot time, hence it has root privileges.


here's my subroutine:
sub fetch{
    my $study_number = shift;
    my $oldpath = $ENV{'PATH'};
    $ENV{'PATH'} = "/usr/bin:/bin:/usr/local/bin"; # in case 'wget' is in one of these folders...
    my $pfactory = "BEM225";
    my $httpuser = "vvvv";
    my $httppass = "xxxx";
    my $readings = "/users/AVS/BR_Files";
    my $user = 999;
    my $group = 1000;
    my $mode = 644;
    chdir $readings;
    system "wget -q -r -l1 -nH -R htm,html --http-user=$httpuser --http-pass=$httppass http://$pfactory/digima/$study_number";;
    opendir DIR, "$readings/$study_number";
    my @files = readdir DIR;
    closedir DIR;
    chdir "$readings/$study_number";
    chmod oct($mode), @files; ####exits here already
    chown ($user, $group, @files) == @files;
}
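
The subroutine above dies at chmod() because the names returned by readdir() are tainted, and under -T Perl refuses to pass tainted data to chmod() or chown(). The following is an added example, not code from either poster, that keeps taint mode on: it untaints each name through a regex capture as perldoc perlsec describes, calls wget by absolute path without a shell, and checks every return value. The wget location, the filename pattern and the rule for a valid study number are assumptions.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;

my $WGET     = '/usr/bin/wget';           # assumed absolute path, adjust per host
my $READINGS = '/users/AVS/BR_Files';

# Return untainted paths of the regular files in $dir whose names pass a whitelist.
sub safe_files {
    my ($dir) = @_;
    opendir(my $dh, $dir) or die "opendir $dir: $!";
    my @clean;
    for my $name (readdir $dh) {
        # readdir() output is tainted; only a regex capture clears the flag.
        # The pattern (an assumption) also rejects ".", ".." and dotfiles.
        next unless $name =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]*)\z/;
        my $path = "$dir/$1";
        next if -l $path or !-f _;        # skip symlinks and non-regular files
        push @clean, $path;
    }
    closedir $dh;
    return @clean;
}

sub fetch {
    my ($study_number) = @_;
    # Assumed rule: a study number is word characters only; the capture untaints it.
    my ($study) = $study_number =~ /\A(\w+)\z/
        or die "unexpected study number\n";
    my ($pfactory, $httpuser, $httppass) = ('BEM225', 'vvvv', 'xxxx');
    my ($user, $group) = (999, 1000);

    # Fixed, minimal environment: no inherited PATH, IFS, CDPATH, ENV, BASH_ENV.
    local %ENV = (PATH => '/usr/bin:/bin');

    chdir $READINGS or die "chdir $READINGS: $!";
    # List form of system() runs wget directly, with no shell to parse arguments.
    system($WGET, '-q', '-r', '-l1', '-nH', '-R', 'htm,html',
           "--http-user=$httpuser", "--http-pass=$httppass",
           "http://$pfactory/digima/$study") == 0
        or die "wget failed, status $?\n";

    my @files = safe_files("$READINGS/$study");
    chmod(0644, @files) == @files or die "chmod: $!";
    chown($user, $group, @files) == @files or die "chown: $!";
    return scalar @files;
}

fetch($ARGV[0]) if @ARGV;
```

Because the script runs as root, the symlink check matters: chown() follows symbolic links, so a link in the download directory would otherwise change ownership of whatever it points to.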

