in reply to Using exec() for executing shell scripts in CGI

I think your solution may be verging on over-kill. You should be able to achieve the same effect with a direct call to system() or exec():

my %commands = ( opt1 => "exe1", opt2 => "exe2", opt3 => "exe3", ); my $runmode = $cgi->param("runmode"); if(exists $commands{$runmode} ) { system( $commands{$runmode}, $arg1, $arg2 ); if($?) { handle_error(); } } else { handle_error(); # invalid $runmode }

If you don't need to wait until the program returns, then replace system with exec.

The important thing to be aware of here is that calls to system()/exec() make your code unportable. If you're trying to remove a file, make a directory, run "find", get a directory listing or other things like that, then you should be using Perl's built ins or appropriate modules (for example unlink, mkdir or File::Path, File::Find, opendir and readdir or glob).

As far as security goes, you need to consider the following things:

I hope this helps.


Update Sorry I should have been checking $? not $@ in my second if statement.