Kevin Zollinger <[EMAIL PROTECTED]> writes:
> The reason that you don't want to put stuff on the command line is
> so that a "bad guy" can't just 'ps -ef' to get your passwords. There
> is no quality information to be gleaned from the release of a
> pending message. I would say that you were safe to proceed with the
> command line option.
Not to mention you don't have to spawn a shell to use command
arguments -- in perl if you use the "system" call with multiple
arguments it will *not* spawn a shell to exec the program:
system("tmda-pending -br $filename");
_will_ spawn a shell, whereas:
system("tmda-pending", "-br", $filename);
Will not.
Hope that helps,
--
Josh Huber
_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users
