Re: How can a sub return true or value?
On Sunday 14 April 2002 00:40, you wrote: I use for true and for false. Is there a more standard (or readable) values for true and false? Thanks in advance. You could use 0 as false and 1 (or another non-zero value) as true. Steven -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Security advice: SHA vs crypt for authenticator
On Wednesday 16 January 2002 11:45 am, [EMAIL PROTECTED] wrote: Hello, I'm using a nice little GDBM file for authentication. It just stores users and passwords as SHA1 hashes. When I need to authenticate someone (fewer than 15 lines in the dbm file) I just tie it and compare the SHA'd user input against the hex value in the dbm file. (The file is not publicly readable.) It has been suggested, however, that this is not adequately secure and that the passwords would be better stored crypted or some such. I don't really see the difference between a SHA password and a crypted password in this context. Wouldn't they be equally difficult to crack? Oh, I should add that the authenticator runs as part of a server daemon on a remote system, and so authentication is performed as the same user each time. Just wanted to collect some opinions before I go further. (I'm perfectly willing to accept the possibility I'm wrong--if I weren't I wouldn't ask--so fire away.) Thanks, John Do you mean hash the password then encrypt the file that lists the hashes, or keep the passwords plaintext and encrypt the file? A few concerns I can see would be if the hashes where plaintext and the file was encrypted would be if you broke that, then you'd have all the passwords. Also if someone had an account, they'd know their own username/password and may help with a known clear-text attack. If the passwords where hashed, then stored in a plaintext file (like the passwd file on Unix/Linux systems), then that would leave them more open to dictionary attacks. But you said it wasn't world-readable, so I guess that would make it more like shadow passwords, but still, if someone got the file, they could use a dictionary attack (like the crack program). If you hashed the passwords then encrypted the file, it would make it more difficult to crack, but then you'd have to decrypt the entire file everytime you wanted to check a password (probably more pain than it's worth, especially if it really starts slowing down authentication). There are tons of different options, but limiting it to these options, I'd probably suggest that you hash the passwords, then limit who has access to the file. There's tons of webpages on encryption and subjects like this. I'd check them out too. (can't think of any of the top of my head). Steven -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: What are the uses of the =~ operator?
On Wednesday 16 January 2002 03:56 pm, rabs wrote: I am new to regualr expressions and becoming accqainted with the =~ operator. It appears to me that the =~ allows me to match a pattern in a REGEX against a variable. As such it replaces the $_ varible. $name =~ /[rabs]/; mtaches with a string containing any of the following characters r a b s is this correct? I am quite confused The following text is from the perlop man-page (perldoc perlop) -- Steven Binary =~ binds a scalar expression to a pattern match. Certain operations search or modify the string $_ by default. This operator makes that kind of operation work on some other string. The right argument is a search pat tern, substitution, or transliteration. The left argument is what is supposed to be searched, substituted, or transliterated instead of the default $_. When used in scalar context, the return value generally indicates the success of the operation. Behavior in list context depends on the particular operator. See the Regexp Quote- Like Operators entry elsewhere in this document for details. If the right argument is an expression rather than a search pattern, substitution, or transliteration, it is interpreted as a search pattern at run time. This can be less efficient than an explicit search, because the pat tern must be compiled every time the expression is evalu ated. Binary !~ is just like =~ except the return value is negated in the logical sense. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help with clearing an array
On Monday 14 January 2002 04:54 pm, you wrote: Can I use this :- @my_arry = undef; No, because it doesn't clear the array. Read the following quote: Small quote from Learning Perl page 53 - under the section Using Scalar-Producing Expressions in a List Context begin quote Going this direction is straightforward: if an expression doesn't normally have a list value, the scalar value is automatically promoted to make a one-element list: @fred = 6 * 7; # gets the one-element list (42) @barney = hello . ' ' . world; Well, there's one possible catch: @wilma = undef; # OOPS! Gets the one-element list (undef) # which is not the same as this: @betty = ();# A correct way to empty an array Since undef is a scalar value, assigning undef to an array doesn't clear the array. The better way to do this is to assign an empty list end quote Steven -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re:How to know if a symlink exists
On Monday 14 January 2002 02:07 am, you wrote: Hi, I wanted to do this: ln -s X Y but unless it don't already exists? How can I do this in Perl? Thanks Using the normal file testing in Perl I think this'd work: if (-l $filename) { # do stuff here } that's a dash then the letter L in lowercase. However this won't tell you if there's already a normal file with that name. You may also want to add a test using -e to make sure a file with that name doesn't exist. Steven -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re:How to know if a symlink exists
On Monday 14 January 2002 02:25 am, I wrote: On Monday 14 January 2002 02:07 am, you wrote: Hi, I wanted to do this: ln -s X Y but unless it don't already exists? How can I do this in Perl? Thanks Using the normal file testing in Perl I think this'd work: if (-l $filename) { # do stuff here } that's a dash then the letter L in lowercase. However this won't tell you if there's already a normal file with that name. You may also want to add a test using -e to make sure a file with that name doesn't exist. Steven So to answer your question my $filename = Y; unless (-l $filename or -e $filename) { symlink X, Y or warn Couldn't create symbolic link Y to X: $!; } NOTE: it's not necessary to make $filename = Y. I only though it'd be easier to see what I was doing than (-l Y or -e Y) Steven -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: All files in a directory tree
On Monday 14 January 2002 02:42 am, you wrote: L.S., I'm looking for a simple way to get all files in a directory and all it's subdirectories on Win32. For instance, the directory structure looks like this: c:\temp\ file01.txt file02.txt c:\temp\subdir01 subdirfile01.txt c:\temp\subdir01\subdir02\ subdirfile02.txt Now, I want to get a list looking something like this: c:\temp\file01.txt c:\temp\file02.txt c:\temp\subdir01\subdirfile01.txt c:\temp\subdir01\subdir02\subdirfile02.txt How can I do this? I know I can get listings with glob, DIRHANDLE, etc, but I can't find anything which traverses all file in the underlying subdirs also. BTW, it has to work on Win32. Thanks in advance. Harmen Groenwold [EMAIL PROTECTED] The File::Find module will do recursive directory listings. As to how, I don't know. Haven't used it yet. Check perldoc File::Find Steven -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 2 simple questions...
On Monday 14 January 2002 08:58 pm, Chris Anderson wrote: I need to be able to do a wget (But not with a system() command if possible) I need to get the current directory. In Linux I type pwd and it shows it to me, or I can use the $PWD variable. But if I : print The current path is: $PWD; it is blank. How can I get the current path variable? TIA! In Linux (and probably any other *nix), use $ENV{PWD} Steven -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Adding quotes to a string variable
On Monday 07 January 2002 03:16 am, you wrote: You have two options: Option one: Put the string between single quotes $a = 'Test Test Test'; Option two: $a = q(Test Test Test); Regards Robert Graham Well, there are other options. Not that they are better, but they are options. Both require escaping the characters. $a = \Test Test Test\; $a = qq{\Test Test Test\}; Steven -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]