You don't mention which OS you're using, but in Richard Stevens' _Advanced Programming in the UNIX Environment_, on p.189 he states: "Many current implementations don't perform a complete copy of the parent's data, stack, and heap, since a fork is often followed by an exec. Instead, a technique called copy-on-write (COW) is used." This does exactly what you'd think it would--shared heap is made read-only, and additional memory is allocated only when the parent or child try to modify data. So, forking an entire server process isn't as bad as you'd think. -Mike At 1:39 PM -0800 11/28/00, Paul wrote: >Hi all. > >I'm writing module code which (for backward compatibility with the CGI >it's replacing) needs to be able to execute commands from a file. >(~urgh~) The files have usually been ksh and/or Perl. Commonly, they >contain a directive to execute a line of shell script. > >Ideally, such commands will be replaced with equivelent perl code which >could simply be eval()'d, but I'm concerned that one of my coworkers >might write his perl code with backticks in it (like `grep foo *.bar`) >instead of writing the few extra lines of code, particularly since we >have a lot of legacy code in several languages (such as ksh functions). > >Wouldn't that effectively fork an entire server process before exec'ing >the qx//? And is there any simple way to prevent that, or any simple >alternative aside from a big stick? > >(a stoopid question -- Doesn't a Perl eval() with backticks do a full >blown program fork and exec, too?) > >Also, I realize the security holes this might present, but the files in >question are never influenced by user input. Security isn't the >question -- just the fork. > >Thanks a mil, >Paul > >__________________________________________________ >Do You Yahoo!? >Yahoo! Shopping - Thousands of Stores. Millions of Products. >http://shopping.yahoo.com/ > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
