As I'm reading this thread- I'm wondering- is there a way to compile
perl so it wont accept code from STDIN, or from an ARGV, or is this just
something that's inherrited by the way UNIX lets you call shells w/ the
`#!`
I know the #!/usr/bin/perl along w/ an executable file tells UNIX that
you need to run the /usr/bin/perl executable- is everything else in the
script passed to perl through STDIN, it can't be- there has to be some
other mechanism-
so- now I'm curious if there's a way to disable perl's ability to
interpret code from STDIN, or and ARGV as shown in the two examples and
still have it run standard perl scripts that start w/ traditional shebang.
jmg
Jeff Schroeder wrote:
....Basically this just takes the arguments to "perl blah blah" and checks
whether the first one begins with "/tmp", then also checks whether /tmp
is the current directory. It would prevent things like
perl /tmp/my-evil-script.pl
and
cd /tmp ; perl my-evil-script.pl
Although it wouldn't stop
cat /tmp/my-evil-script.pl | perl
or even
perl /./tmp/my-evil-script.pl
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
