The first step if security matters is to read perlsec and
then turn on taint checking.
A good step regardless is to have every open test what
you did. I believe in doing it like perlstyle says and
having the error message include the filename, attempted
operation, and $!.
If you need to read and write files but don't want to
follow symlinks, this can get fairly tricky. The following
code (which will fail horribly on systems without
symlinks) demonstrates how to do it safely:

    #! /usr/bin/perl -w
    use strict;
    use Carp;
    use Symbol; # Needed on 5.005 and less

    sub clear_file {
      my ($fh, $name) = @_;
      seek($fh, 0, 0) or confess("Cannot seek to beginning of '$name': $!");
      truncate($fh, 0) or confess("Cannot truncate '$name': $!");
    }

    sub deny_symlink {
      my ($fh, $name) = @_;
      # In the following testing the filehandle avoids a race
      # condition, but I think that whether it works is OS
      # specific. :-(
      if (-l $fh or -l $name) {
        my $real = readlink($name);
        confess("Refusing to follow symlink from $name to $real");
      }
    }

    sub open_read {
      my $name = shift;
      my $fh = gensym();
      open($fh, "< $name") or confess("Cannot read '$name': $!");
      deny_symlink($fh, $name);
      return $fh;
    }

    sub open_write {
      my $name = shift;
      my $fh = gensym();
      open ($fh, "+>> $name") or confess("Cannot write '$name': $!");
      deny_symlink($fh, $name);
      clear_file($fh, $name);
      return $fh;
    }

    my $filename = "whatever";
    *FH = open_write($filename);
    print FH "Hello world\n";
    close FH;
    *FH = open_read($filename);
    print <FH>;

In general if you need temporary files, do not attempt to
roll that yourself. Use File::Temp. Really.
Also note that if you are concerned with security then you
may want to think about locking. For an example (which
could easily be improved) that I came up with a while ago
see Simple Locking.
With luck this should give you some ideas of how to
improve the security of your programs.
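
An added example, not part of the original post: the same refusal to follow symlinks done by the kernel at open time with sysopen and O_NOFOLLOW, followed by an lstat/stat inode comparison on the opened handle. It assumes Perl 5.6 or later on a POSIX system whose Fcntl defines O_NOFOLLOW; open_nofollow is a hypothetical helper name and the file names are constructed for the demonstration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(O_RDONLY O_WRONLY O_CREAT O_NOFOLLOW);
use File::Temp qw(tempdir);

# Open $name without following a symlink in the final path component.
# O_NOFOLLOW makes the open itself fail on a symlink, so there is no
# window between a separate -l test and the open. Parent directories
# are not covered by this flag.
sub open_nofollow {
    my ($name, $flags) = @_;
    sysopen(my $fh, $name, $flags | O_NOFOLLOW, 0600)
        or die "Cannot open '$name' without following symlinks: $!\n";
    # Second check: the name (lstat does not follow links) and the
    # handle must refer to the same device and inode.
    my @by_name = lstat($name) or die "Cannot lstat '$name': $!\n";
    my @by_fh   = stat($fh)    or die "Cannot stat handle for '$name': $!\n";
    die "'$name' changed while being opened\n"
        unless $by_name[0] == $by_fh[0] && $by_name[1] == $by_fh[1];
    die "'$name' is not a plain file\n" unless -f $fh;
    return $fh;
}

# Constructed demonstration inside a private temporary directory.
my $dir  = tempdir(CLEANUP => 1);
my $real = "$dir/real.txt";
my $link = "$dir/link.txt";

my $out = open_nofollow($real, O_WRONLY | O_CREAT);
print {$out} "Hello world\n" or die "Cannot write '$real': $!\n";
close($out) or die "Cannot close '$real': $!\n";

symlink($real, $link) or die "Cannot symlink '$link' to '$real': $!\n";

my $in = open_nofollow($real, O_RDONLY);
print "read from real file: ", scalar <$in>;
close($in);

if (eval { open_nofollow($link, O_RDONLY); 1 }) {
    print "symlink was followed (unexpected)\n";
} else {
    print "refused: $@";
}
```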