subject:"user id validation"

Re: user id validation

2008-07-02 Thread Randal L. Schwartz


$< is a uid

getpwuid($<) looks up the info on that.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

Re: user id validation

2008-07-02 Thread Richard Lee


Rajnikant wrote:

Hey Richard,
I think $< returns user id. Correct me if I'm wrong ;-). 



  

yes, you are correct.

I was reading the perldoc .. on this and I was bit confused at first, on

   $uid   = getpwnam ($name);
   $name  = getpwuid ($num);
   $name  = getpwent ();
   $gid   = getgrnam ($name);
   $name  = getgrgid ($num);
   $name  = getgrent ();


so I tried this..

#!/usr/bin/perl

use warnings;
use strict;

my $usr =  getpwnam(getpwuid($<));

print "\$usr is $usr\n";

[EMAIL PROTECTED] tmp]$ ./!$
././././././././test_getpw.pl
$usr is 500
[EMAIL PROTECTED] tmp]$

scalar command did not work for me.(for whatever reason).
so this way it works but then, wait a min I thought, this is stupid. so 
why not just do...


#!/usr/bin/perl

use warnings;
use strict;

#my $usr =  getpwnam(getpwuid($<));
my $usr =  $<;


print "\$usr is $usr\n";

[EMAIL PROTECTED] tmp]$ ./!$
././././././././././test_getpw.pl
$usr is 500
[EMAIL PROTECTED] tmp]$

so just wondering is there some kind of security implication of using $< 
directly opposed to getting it through getpw* ?



--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

RE: user id validation

2008-07-01 Thread Rajnikant

Hey Richard,
I think $< returns user id. Correct me if I'm wrong ;-). 


Rajnikant Jachak | Software Engg | Persistent Systems Limited
[EMAIL PROTECTED] | Cell: +91 9822204088 | Tel: +91 (20)
3023 2479
 
Persistent Systems - Innovations in software product design,development and
delivery - www.persistentsys.com
 

-Original Message-
From: Richard Lee [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, July 02, 2008 11:50 AM
To: Randal L. Schwartz
Cc: Rajnikant; beginners@perl.org
Subject: Re: user id validation

Randal L. Schwartz wrote:
>>>>>> "Rajnikant" == Rajnikant  <[EMAIL PROTECTED]> writes:
>>>>>> 
>
> Rajnikant> Is there any such way to get home directory of user? 
>
> Is there any such way that this might be, perhaps, oh, a FAQ?
>
> Oh, yes, let's see.
>
> $ perldoc -q tilde
> Found in /usr/libdata/perl5/pod/perlfaq5.pod
>   How can I translate tildes (~) in a filename?
>
> Use the <> (glob()) operator, documented in perlfunc. Older
versions of
> Perl require that you have a shell installed that groks tildes.
Recent
> perl versions have this feature built in. The File::KGlob module
> (available from CPAN) gives more portable glob functionality.
>
> Within Perl, you may use this directly:
>
> $filename =~ s{
>   ^ ~ # find a leading tilde
>   (   # save this in $1
>   [^/]# a non-slash character
> * # repeated 0 or more times (0 means me)
>   )
> }{
>   $1
>   ? (getpwnam($1))[7]
>   : ( $ENV{HOME} || $ENV{LOGDIR} )
> }ex;
>
> OK, so you may have not known "tilde".  But you should be reading the 
> FAQ titles at least weekly until you are bored to tears from them, and 
> probably reading the entire FAQ at least bi-monthly.
>
>   
thanks guys!!

But I guess there is no way to get user id.. ? I will read FAQ more... 
(till I am bored to tears ? :-) )

--
To unsubscribe, e-mail: [EMAIL PROTECTED] For additional
commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/



DISCLAIMER
==
This e-mail may contain privileged and confidential information which is the 
property of Persistent Systems Ltd. It is intended only for the use of the 
individual or entity to which it is addressed. If you are not the intended 
recipient, you are not authorized to read, retain, copy, print, distribute or 
use this message. If you have received this communication in error, please 
notify the sender and delete all copies of this message. Persistent Systems 
Ltd. does not accept any liability for virus infected mails.

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

Re: user id validation

2008-07-01 Thread John W. Krahn


Randal L. Schwartz wrote:

""Rajnikant"" == "Rajnikant"  <[EMAIL PROTECTED]> writes:


"Rajnikant"> I think Work around for this is,

"Rajnikant"> My $usr = $ENV { USER };
"Rajnikant"> If ($usr eq "userA")
"Rajnikant">Go get it
"Rajnikant"> Else
"Rajnikant">Access restricted.

No, you want scalar getpwwuid ($<).


Your w key is stuck Randal, that should be:

   scalar getpwuid ($<)


:-)

John
--
Perl isn't a toolbox, but a small machine shop where you
can special-order certain sorts of tools at low cost and
in short order.-- Larry Wall

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

Re: user id validation

2008-07-01 Thread Randal L. Schwartz

> "Richard" == Richard Lee <[EMAIL PROTECTED]> writes:

Richard> But I guess there is no way to get user id.. ?

Did you miss my other answer?

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

Re: user id validation

2008-07-01 Thread Richard Lee


Randal L. Schwartz wrote:

"Rajnikant" == Rajnikant  <[EMAIL PROTECTED]> writes:



Rajnikant> Is there any such way to get home directory of user? 


Is there any such way that this might be, perhaps, oh, a FAQ?

Oh, yes, let's see.

$ perldoc -q tilde
Found in /usr/libdata/perl5/pod/perlfaq5.pod
  How can I translate tildes (~) in a filename?

Use the <> (glob()) operator, documented in perlfunc. Older versions of
Perl require that you have a shell installed that groks tildes. Recent
perl versions have this feature built in. The File::KGlob module
(available from CPAN) gives more portable glob functionality.

Within Perl, you may use this directly:

$filename =~ s{
  ^ ~ # find a leading tilde
  (   # save this in $1
  [^/]# a non-slash character
* # repeated 0 or more times (0 means me)
  )
}{
  $1
  ? (getpwnam($1))[7]
  : ( $ENV{HOME} || $ENV{LOGDIR} )
}ex;

OK, so you may have not known "tilde".  But you should be reading
the FAQ titles at least weekly until you are bored to tears from them,
and probably reading the entire FAQ at least bi-monthly.

  

thanks guys!!

But I guess there is no way to get user id.. ? I will read FAQ more... 
(till I am bored to tears ? :-) )


--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

Re: user id validation

2008-07-01 Thread Randal L. Schwartz

> "Rajnikant" == Rajnikant  <[EMAIL PROTECTED]> writes:

Rajnikant> Is there any such way to get home directory of user? 

Is there any such way that this might be, perhaps, oh, a FAQ?

Oh, yes, let's see.

$ perldoc -q tilde
Found in /usr/libdata/perl5/pod/perlfaq5.pod
  How can I translate tildes (~) in a filename?

Use the <> (glob()) operator, documented in perlfunc. Older versions of
Perl require that you have a shell installed that groks tildes. Recent
perl versions have this feature built in. The File::KGlob module
(available from CPAN) gives more portable glob functionality.

Within Perl, you may use this directly:

$filename =~ s{
  ^ ~ # find a leading tilde
  (   # save this in $1
  [^/]# a non-slash character
* # repeated 0 or more times (0 means me)
  )
}{
  $1
  ? (getpwnam($1))[7]
  : ( $ENV{HOME} || $ENV{LOGDIR} )
}ex;

OK, so you may have not known "tilde".  But you should be reading
the FAQ titles at least weekly until you are bored to tears from them,
and probably reading the entire FAQ at least bi-monthly.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

RE: user id validation

2008-07-01 Thread Rajnikant

Is there any such way to get home directory of user? 


Rajnikant Jachak | Software Engg | Persistent Systems Limited
[EMAIL PROTECTED] | Cell: +91 9822204088 | Tel: +91 (20)
3023 2479
 
Persistent Systems - Innovations in software product design,development and
delivery - www.persistentsys.com
 

-Original Message-
From: Randal L. Schwartz [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, July 02, 2008 11:12 AM
To: beginners@perl.org
Subject: Re: user id validation

>>>>> ""Rajnikant"" == "Rajnikant"  <[EMAIL PROTECTED]>
writes:

"Rajnikant"> I think Work around for this is,

"Rajnikant"> My $usr = $ENV { USER };
"Rajnikant"> If ($usr eq "userA")
"Rajnikant">Go get it
"Rajnikant"> Else
"Rajnikant">Access restricted.

No, you want scalar getpwwuid ($<).

my $user = getpwuid $<;
if ($user eq "merlyn") { ... } # it's me!

--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion

--
To unsubscribe, e-mail: [EMAIL PROTECTED] For additional
commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/



DISCLAIMER
==
This e-mail may contain privileged and confidential information which is the 
property of Persistent Systems Ltd. It is intended only for the use of the 
individual or entity to which it is addressed. If you are not the intended 
recipient, you are not authorized to read, retain, copy, print, distribute or 
use this message. If you have received this communication in error, please 
notify the sender and delete all copies of this message. Persistent Systems 
Ltd. does not accept any liability for virus infected mails.

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

RE: user id validation

2008-07-01 Thread Rajnikant

Thanks Amit.
Yours is the valid doubt.
The $ENV { USER } approach is not secure. 

I'll go with Merlyn

>> my $user = getpwuid $<;
>> if ($user eq "merlyn") { ... } # it's me!

Rajnikant Jachak | Software Engg | Persistent Systems Limited
[EMAIL PROTECTED] | Cell: +91 9822204088 | Tel: +91 (20)
3023 2479
 
Persistent Systems - Innovations in software product design,development and
delivery - www.persistentsys.com
 

-Original Message-
From: Amit Saxena [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, July 02, 2008 10:55 AM
To: Rajnikant
Cc: Richard Lee; Perl Beginners
Subject: Re: user id validation

What if before running this perl code, I modify the 'USER' environment
variable ?

I have not tried like that but I feel it can be done because the environment
variables are not restricted.

Assuming that works, then any user can just reset the environment variable
to any one among the allowed ones and the script will work.

I feel the better way is to use system command and call "whoami" or "id"
command.

Regards,
Amit Saxena

On Wed, Jul 2, 2008 at 10:30 AM, Rajnikant <
[EMAIL PROTECTED]> wrote:

>
> I think Work around for this is,
>
> My $usr = $ENV { USER };
> If ($usr eq "userA")
>   Go get it
> Else
>   Access restricted.
>
>
> Rajnikant Jachak | Software Engg | Persistent Systems Limited 
> [EMAIL PROTECTED] | Cell: +91 9822204088 | Tel: +91 
> (20)
> 3023 2479
>
> Persistent Systems - Innovations in software product 
> design,development and delivery - www.persistentsys.com
>
>
> -Original Message-----
> From: Richard Lee [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, July 02, 2008 10:18 AM
> To: Perl Beginners
> Subject: user id validation
>
> I am just wondering how to validate a user who is using the script??
>
> I wanted to allow only user below to be able to user the script and 
> was thinking about
> userA(userid: 1077)
> userB(userid: 1088)
> userC(userid: 1099)
>
> so, inside of script, I would put,
>
> unless ( $userid =~ /1077|1088|1099/ ) {
>print "You are not authorized to use this\n"; }
>
> but I am not sure how to come up w/ $userid ?
> how do I find out what the userid of person who is using the script? 
> Is there specific perl command for that?
>
> --
> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional 
> commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
>
>
>
> DISCLAIMER
> ==
> This e-mail may contain privileged and confidential information which 
> is the property of Persistent Systems Ltd. It is intended only for the 
> use of the individual or entity to which it is addressed. If you are 
> not the intended recipient, you are not authorized to read, retain, 
> copy, print, distribute or use this message. If you have received this 
> communication in error, please notify the sender and delete all copies of
this message.
> Persistent Systems Ltd. does not accept any liability for virus 
> infected mails.
>
> --
> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional 
> commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
>
>
>


DISCLAIMER
==
This e-mail may contain privileged and confidential information which is the 
property of Persistent Systems Ltd. It is intended only for the use of the 
individual or entity to which it is addressed. If you are not the intended 
recipient, you are not authorized to read, retain, copy, print, distribute or 
use this message. If you have received this communication in error, please 
notify the sender and delete all copies of this message. Persistent Systems 
Ltd. does not accept any liability for virus infected mails.

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

Re: user id validation

2008-07-01 Thread Randal L. Schwartz

> ""Rajnikant"" == "Rajnikant"  <[EMAIL PROTECTED]> writes:

"Rajnikant"> I think Work around for this is,

"Rajnikant"> My $usr = $ENV { USER };
"Rajnikant"> If ($usr eq "userA")
"Rajnikant">Go get it
"Rajnikant"> Else
"Rajnikant">Access restricted.

No, you want scalar getpwwuid ($<).

my $user = getpwuid $<;
if ($user eq "merlyn") { ... } # it's me!

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

Re: user id validation

2008-07-01 Thread Amit Saxena

What if before running this perl code, I modify the 'USER' environment
variable ?

I have not tried like that but I feel it can be done because the environment
variables are not restricted.

Assuming that works, then any user can just reset the environment variable
to any one among the
allowed ones and the script will work.

I feel the better way is to use system command and call "whoami" or "id"
command.

Regards,
Amit Saxena

On Wed, Jul 2, 2008 at 10:30 AM, Rajnikant <
[EMAIL PROTECTED]> wrote:

>
> I think Work around for this is,
>
> My $usr = $ENV { USER };
> If ($usr eq "userA")
>   Go get it
> Else
>   Access restricted.
>
>
> Rajnikant Jachak | Software Engg | Persistent Systems Limited
> [EMAIL PROTECTED] | Cell: +91 9822204088 | Tel: +91 (20)
> 3023 2479
>
> Persistent Systems - Innovations in software product design,development and
> delivery - www.persistentsys.com
>
>
> -Original Message-
> From: Richard Lee [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, July 02, 2008 10:18 AM
> To: Perl Beginners
> Subject: user id validation
>
> I am just wondering how to validate a user who is using the script??
>
> I wanted to allow only user below to be able to user the script and was
> thinking about
> userA(userid: 1077)
> userB(userid: 1088)
> userC(userid: 1099)
>
> so, inside of script, I would put,
>
> unless ( $userid =~ /1077|1088|1099/ ) {
>print "You are not authorized to use this\n"; }
>
> but I am not sure how to come up w/ $userid ?
> how do I find out what the userid of person who is using the script? Is
> there specific perl command for that?
>
> --
> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional
> commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
>
>
>
> DISCLAIMER
> ==
> This e-mail may contain privileged and confidential information which is
> the property of Persistent Systems Ltd. It is intended only for the use of
> the individual or entity to which it is addressed. If you are not the
> intended recipient, you are not authorized to read, retain, copy, print,
> distribute or use this message. If you have received this communication in
> error, please notify the sender and delete all copies of this message.
> Persistent Systems Ltd. does not accept any liability for virus infected
> mails.
>
> --
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> http://learn.perl.org/
>
>
>

RE: user id validation

2008-07-01 Thread Rajnikant

 
I think Work around for this is,

My $usr = $ENV { USER };
If ($usr eq "userA")
   Go get it
Else
   Access restricted.


Rajnikant Jachak | Software Engg | Persistent Systems Limited
[EMAIL PROTECTED] | Cell: +91 9822204088 | Tel: +91 (20)
3023 2479
 
Persistent Systems - Innovations in software product design,development and
delivery - www.persistentsys.com
 

-Original Message-
From: Richard Lee [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, July 02, 2008 10:18 AM
To: Perl Beginners
Subject: user id validation

I am just wondering how to validate a user who is using the script??

I wanted to allow only user below to be able to user the script and was
thinking about
userA(userid: 1077)
userB(userid: 1088)
userC(userid: 1099)

so, inside of script, I would put,

unless ( $userid =~ /1077|1088|1099/ ) {
print "You are not authorized to use this\n"; }

but I am not sure how to come up w/ $userid ?
how do I find out what the userid of person who is using the script? Is
there specific perl command for that?

--
To unsubscribe, e-mail: [EMAIL PROTECTED] For additional
commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/



DISCLAIMER
==
This e-mail may contain privileged and confidential information which is the 
property of Persistent Systems Ltd. It is intended only for the use of the 
individual or entity to which it is addressed. If you are not the intended 
recipient, you are not authorized to read, retain, copy, print, distribute or 
use this message. If you have received this communication in error, please 
notify the sender and delete all copies of this message. Persistent Systems 
Ltd. does not accept any liability for virus infected mails.

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

user id validation

2008-07-01 Thread Richard Lee


I am just wondering how to validate a user who is using the script??

I wanted to allow only user below to be able to user the script and was 
thinking about

userA(userid: 1077)
userB(userid: 1088)
userC(userid: 1099)

so, inside of script, I would put,

unless ( $userid =~ /1077|1088|1099/ ) {
   print "You are not authorized to use this\n";
}

but I am not sure how to come up w/ $userid ?
how do I find out what the userid of person who is using the script? Is 
there specific perl command for that?


--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/

Re: user id validation

Re: user id validation

RE: user id validation

Re: user id validation

Re: user id validation

Re: user id validation

Re: user id validation

RE: user id validation

RE: user id validation

Re: user id validation

Re: user id validation

RE: user id validation

user id validation

13 matches

Site Navigation

Mail list logo

Footer information