Yes.
Oh, you mean will I elaborate?
OK.
No shell is involved. This makes it safer than the solutions I've seen
that usually end up as something like:
my @RESULT = `echo $INPUT | Some Command`;
The problem is that $INPUT is being handed to a shell,
making me have to worry and wonder about all shell-sensitive characters.
| [reply]
[d/l] |
Thanks, I had forgotten about that.
I should think this method might be preferred then, unless the application is something quick-and-dirty.
Will you please comment on the disadvantages of this method?
-QM
--
Quantum Mechanics: The dreams stuff is made of
| [reply] |
Will you please comment on the disadvantages of this method?
It depends on where your input is coming from and what
it contains, but in the general case, wherein the
input *might* contain shell metacharacters and *might*
potentially even be constructed with malice, the
shell *might* give complete control of your system
(or, at least, as much control as is available to the
user the code is running as) to whoever constructed
the input. More likely, however, a shell metacharacter
will get included randomly by someone who is not aware
of the implications and cause apparently random
breakage. For
example, you'll put an ampersand in the input one time
without thinking, and Weird Stuff(TM) will happen,
and you'll have to track down the problem and figure
out that the ampersand needs to be escaped, and so on.
This is bad: your program is not robust, and input
that's a little different from what was anticipated
causes it to unexpectedly fail.
It's also something of a portability nightmare, since
different shells have different metacharacters
that behave in different ways. This can create
all kinds of zany debugging fun.
;$;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}}
split//,".rekcah lreP rehtona tsuJ";$\=$;[-1]->();print
| [reply] |
