Stas, the example you supplied in the miniguide 
(http://perl.apache.org/guide/performance.html#Forking_or_Executing_Subprocesse)
doesn't work.
It's because the scalar returned by FreezeThaw::thaw contains shell escape
chars, like: [|;] so system("program.pl $params") obviously will break.

If the argument we will pass to the external script is just a simple scalar,
regexing the arg is enough, like in a SIG{__DIE__} handler in my
handler.pl:

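$SIG{__DIE__} = sub {
        local $ENV{'PATH'} = '/home/myhome';
        my $params = $_[0];
        # collapse newlines so the message stays on one shell line
        $params =~ s#\n# #gs;
        # escape single quotes for a single-quoted shell word:
        # close the quote, emit a double-quoted ', reopen the quote
        $params =~ s/'/'"'"'/g;
        # untaint the (now quoted) message
        my $taint_safe = ($params =~ m#(.*)#m)[0];
        system("alertall '$taint_safe'");
};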

But if the arg is of a more complicated type, of course stringification is
essential, but then we have to make it safe for the shell.
MIME::Base64 is the easy way for this, but probably a bit overkill :-)

Thanks for the excellent guide.

Regards,
Edwin.
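
An added example (not part of the original message or the guide) of the Base64 route mentioned above. It uses the core Storable module in place of FreezeThaw, constructed sample data, and re-invokes itself with a hypothetical --child flag standing in for program.pl.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Storable qw(nfreeze thaw);    # core module; stands in for FreezeThaw here
use MIME::Base64 qw(encode_base64 decode_base64);

# Child mode (hypothetical --child flag): rebuild the structure from one argument.
if (@ARGV == 2 && $ARGV[0] eq '--child') {
    # Accept nothing but the Base64 alphabet; this also works as an untaint step.
    my ($b64) = $ARGV[1] =~ m#\A([A-Za-z0-9+/]+={0,2})\z#
        or die "argument is not Base64\n";
    # thaw() is only appropriate for data produced by our own parent process.
    my $data = thaw(decode_base64($b64));
    print "child got: $data->{msg}\n";
    exit($data->{msg} eq q{it's | broken; `id` $(id)} ? 0 : 1);
}

# Parent: constructed sample data full of shell metacharacters.
my %params = (msg => q{it's | broken; `id` $(id)}, list => [1, 2, 3]);

# Empty second argument: no line breaks in the encoded output.
my $arg = encode_base64(nfreeze(\%params), '');

# List form of system() bypasses the shell entirely. Even in the
# single-string form, $arg contains only [A-Za-z0-9+/=].
my $rc = system($^X, $0, '--child', $arg);
die "child failed\n" if $rc != 0;
print "round trip ok\n";
```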
