http://qs321.pair.com?node_id=1186671


in reply to Re^2: Directory Structure.
in thread Directory Structure.

if you're passing user input to the shell

if youre passing data from untrusted sources unlaundered into the shell (see perlsec) is both more general and to the point. If I'm the user - whom I mostly trust - there's nothing wrong with my data. Except if there is, of course.

</nitpick>

perl -le'print map{pack c,($-++?1:13)+ord}split//,ESEL'

Replies are listed 'Best First'.
Re^4: Directory Structure.
by AppleFritter (Vicar) on Apr 01, 2017 at 10:22 UTC

    If I'm the user - whom I mostly trust - there's nothing wrong with my data.

    DO you trust yourself?

    I trust myself to not try and actively exploit or sabotage my own systems. I do not trust myself to always get things right -- coding defensively and making things fail gracefully, avoiding unexpected and potentially dangerous behavior, is a good thing!

    Avoiding the shell (unless you have a good reason not to) is like useing strict. Yes, I trust myself, but I know I'm not perfect, so I'd rather have that extra safety net.

    (There's also the question of whether whoever is at the terminal, logged in as you, is ACTUALLY you, but in my case that's a lesser concern.)

      DO you trust yourself?

      Again, mostly. If I didn't, I couldn't be doing my job. Come on, if I don't trust myself, whome else could I trust?

      I do not trust myself to always get things right

      That's why I wrote Except if there is, of course.

      But that's not the point of my previous posting. It is not only user input, but unlaundered data from any source which cannot be trusted.

      perl -le'print map{pack c,($-++?1:13)+ord}split//,ESEL'