Hi all.

I'm writing module code which (for backward compatibility with the CGI
it's replacing) needs to be able to execute commands from a file.
(~urgh~) The files have usually been ksh and/or Perl. Commonly, they
contain a directive to execute a line of shell script.

Ideally, such commands will be replaced with equivalent perl code which
could simply be eval()'d, but I'm concerned that one of my coworkers
might write his perl code with backticks in it (like `grep foo *.bar`)
instead of writing the few extra lines of code, particularly since we
have a lot of legacy code in several languages (such as ksh functions).

Wouldn't that effectively fork an entire server process before exec'ing
the qx//? And is there any simple way to prevent that, or any simple
alternative aside from a big stick? 

(a stoopid question -- Doesn't a Perl eval() with backticks do a full
blown program fork and exec, too?)

Also, I realize the security holes this might present, but the files in
question are never influenced by user input. Security isn't the
question -- just the fork.

Thanks a mil,
Paul
