Jdavis wrote: > > hello, Hello,
> Could someont tell me the secure way > to get input from a system call > like... > > $date = `/bin/date`; > > or > > $client = `/usr/bin/finsmb`; The output from using backticks is just data and so is not inherently insecure. However, how do you know that /bin/date is the real /bin/date and not a cracker program installed by someone who has broken in to your system? Whenever possible use perl's built-in functions ($date = localtime;). The perlsec document will explain security in more detail. perldoc perlsec John -- use Perl; program fulfillment -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
