No executables in /tmp
justin gedge
jgedge at amis.com
Tue Mar 28 09:32:26 MST 2006
As I'm reading this thread- I'm wondering- is there a way to compile
perl so it won't accept code from STDIN, or from an ARGV, or is this just
something that's inherited by the way UNIX lets you call shells w/ the
`#!`
I know the #!/usr/bin/perl along w/ an executable file tells UNIX that
you need to run the /usr/bin/perl executable- is everything else in the
script passed to perl through STDIN, it can't be- there has to be some
other mechanism-
so- now I'm curious if there's a way to disable perl's ability to
interpret code from STDIN, or an ARGV as shown in the two examples and
still have it run standard perl scripts that start w/ traditional shebang.
jmg
Jeff Schroeder wrote:
>....Basically this just takes the arguments to "perl blah blah" and checks
>whether the first one begins with "/tmp", then also checks whether /tmp
>is the current directory. It would prevent things like
>
>perl /tmp/my-evil-script.pl
>
>and
>
>cd /tmp ; perl my-evil-script.pl
>
>Although it wouldn't stop
>
>cat /tmp/my-evil-script.pl | perl
>
>or even
>
>perl /./tmp/my-evil-script.pl
>
>
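
Added example, not part of either post or of the wrapper under discussion: a path check that canonicalises the script argument before comparing it, so the `/./tmp/...` spelling and the `cd /tmp` case resolve to the same location as the plain `/tmp/...` form. `BLOCKED_DIR` and `script_is_blocked` are names assumed for this sketch, GNU-style `readlink -f` is assumed to be available, and the piped-STDIN case is outside its scope because there is no path to inspect.

```shell
#!/bin/sh
# Added sketch: compare resolved paths, not the raw argument string.
# BLOCKED_DIR and script_is_blocked are hypothetical names for this example.
BLOCKED_DIR="${BLOCKED_DIR:-/tmp}"

# Returns 0 if the script resolves to a location under BLOCKED_DIR,
#         1 if it resolves elsewhere,
#         2 if it cannot be resolved (a wrapper should treat this as deny).
script_is_blocked() {
    # Resolve symlinks, "." and ".." on both sides. Relative paths are
    # resolved against the current directory, which covers "cd /tmp; perl x.pl".
    blocked=$(readlink -f -- "$BLOCKED_DIR") || return 2
    target=$(readlink -f -- "$1") || return 2
    case "$target" in
        "$blocked"/*) return 0 ;;   # inside the blocked tree
        *)            return 1 ;;   # anywhere else
    esac
}

# When run with a script path as argument, report the decision.
if [ "$#" -gt 0 ]; then
    rc=0
    script_is_blocked "$1" || rc=$?
    if [ "$rc" -eq 1 ]; then echo "allow: $1"; else echo "deny: $1"; fi
fi
```

The result describes the path only at the moment of the check; a file can still be moved or replaced between the check and the interpreter opening it.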