Re: Security problems with: system "printf \"$_\" | pbcopy"

Thanks - I see it in the docs.

I don't see the need to avoid using the shell as I am running this in 
the shell and the are no non alphanumberic content (I stripped  them 
out with regex) and this is not a web app.  But it looks interesting - 
I'll look at it some more.


Larry Furnival
Manager Instructional Media Lab
Academic Computing Services/Computing Information Services
Teachers College, Columbia University
On Apr 14, 2005, at 1:45 PM, Jeremy Mates wrote:

> * Lawrence Furnival <lrf10@xxxxxxxxxxxx>
> > Here is I am in a loop through multi lines from the copied from the
> > clipboard and being feed back one line at a time to the clipboard:
> >
> >       system "printf \"$_\" | pbcopy";
>
> Whoa there! The above may allow a nefarious user to run arbitrary
> shell commands:
>
>   #!/usr/bin/perl -w
>   use strict;
>
>   while (<DATA>) {
>     system qq{printf "$_" | pbcopy};
>   }
>
>   __DATA__
>   asdf"; touch /tmp/gotcha
>
> With a piped open, there is no security risk, as the shell is not
> involved:
>
>   #!/usr/bin/perl -w
>   use strict;
>
>   while (<DATA>) {
>     open PBCOPY, "|-" or exec 'pbcopy' or die "nuts: errno=$!\n";
>     print PBCOPY;
>     close PBCOPY;
>   }
>
>   __DATA__
>   asdf"; touch /tmp/gotcha
>
> For more information on piped opens and security, consult:
>
> http://sial.org/howto/perl/backticks/
>
> http://perldoc.perl.org/perlipc.html
>
> http://perldoc.perl.org/perlsec.html