background preloader

Perl

Facebook Twitter

Perlsec - Perl security. Perlsec - Perl security Perl is designed to make it easy to program securely even when running with extra privileges, like setuid or setgid programs. Unlike most command line shells, which are based on multiple substitution passes on each line of the script, Perl uses a more conventional evaluation scheme with fewer hidden snags. Additionally, because the language has more builtin functionality, it can rely less upon external (and possibly untrustworthy) programs to accomplish its purposes. Perl automatically enables a set of special security checks, called taint mode, when it detects its program running with differing real and effective user or group IDs.

While in this mode, Perl takes special precautions called taint checks to prevent both obvious and subtle traps. You may not use data derived from outside your program to affect something else outside your program--at least, not by accident. For example: $path = $ENV{'PATH'}; # $path now tainted Laundering and Detecting Tainted Data. ! Aware to Perl: open FILEHANDLE,EXPR. Opens the file whose filename is given by EXPR, and associates it with FILEHANDLE. If FILEHANDLE is an expression, its value is used as the name of the real filehandle wanted.

If EXPR is omitted, the scalar variable of the same name as the FILEHANDLE contains the filename. (Note that lexical variables--those declared with my--will not work for this purpose; so if you're using my, specify EXPR in your call to open.) If the filename begins with '<' or nothing, the file is opened for input.

If the filename begins with '>', the file is truncated and opened for output. If the filename begins with '>>', the file is opened for appending. You can put a '+' in front of the '>' or '<' to indicate that you want both read and write access to the file; thus '+<' is almost always preferred for read/write updates--the '+>' mode would clobber the file first. Opening '-' opens STDIN and opening '>-' opens STDOUT. Examples: $ARTICLE = 100; open ARTICLE or die "Can't find article $ARTICLE: $!

#! Rex Swain's HTMLified Perl 5 Reference Guide. PERL One Liners. Re: undefining hashes to free memory. Profiling Perl. Everyone wants their Perl code to run faster. Unfortunately, without understanding why the code is taking so long to start with, it's impossible to know where to start optimizing it. This is where "profiling" comes in; it lets us know what our programs are doing. We'll look at why and how to profile programs, and then what to do with the profiling information once we've got it. There's nothing worse than setting off a long-running Perl program and then not knowing what it's doing. I've recently been working on a new, mail-archiving program for the perl.org mailing lists, and so I've had to import a load of old email into the database.

Here's the code I used to do this: It's an innocent little program -- it looks for all the files in the perl6-language directory whose names are purely numeric (this is how messages are stored in an ezmlm archive), reads the contents of the files into memory with File::Slurp::read_file, and then uses Email::Store to put them into a database. Opentut. <div class="noscript"><p><strong>Please note: Many features of this site require JavaScript. You appear to have JavaScript disabled, or are running a non-JavaScript capable web browser. </strong></p><p> To get the best experience, please enable JavaScript or download a modern web browser such as <a href=" Explorer 8</a>, <a href=" <a href=" or <a href=" Chrome</a>.

</p></div> perlopentut - tutorial on opening things in Perl Perl has two simple, built-in ways to open files: the shell way for convenience, and the C way for precision. Perl's open function was designed to mimic the way command-line redirection in the shell works. And here are some more advanced examples: $ otherprogram | myprogram f1 - f2 $ otherprogram 2>&1 | myprogram - $ myprogram <&3 $ myprogram >&4. Recipe 7.11. Locking a File. Discussion Operating systems vary greatly in the type and reliability of locking techniques available. Perl tries hard to give you something that works, even if your operating system uses its own underlying technique. The flock function takes two arguments: a filehandle and a number representing what to do with the lock on that filehandle. The numbers are normally represented by names like LOCK_EX, which you can get from the Fcntl or IO::File modules. The LOCK_SH, LOCK_EX, LOCK_UN, and LOCK_NB symbolic values were not available in the Fcntl module before the 5.004 release, and even now they are available only if you ask for them specifically using the :flock tag.

Their values are 1, 2, 4, and 8 respectively, which you may supply yourself instead of using the symbolic constants. Sub LOCK_SH() { 1 } # Shared lock (for reading) sub LOCK_EX() { 2 } # Exclusive lock (for writing) sub LOCK_NB() { 4 } # Non-blocking request (don't stall) sub LOCK_UN() { 8 } # Free the lock (careful!) PerlMonks - The Monastery Gates.