Vulnerability Development mailing list archives
PERL's -e check
From: Joe Testa <jst3290 () RITVAX ISC RIT EDU>
Date: Sun, 24 Dec 2000 19:11:40 -0500
Hi all -- I've noticed here and there that some PERL scripts pass user input directly into an open() call protected by a "-e" check. Example: # $temp_file is taken from the submitted form if(-e $temp_file) { open(TEMP, "<$temp_file"); ... } Is there any trick that would bypass the "-e"? Thanks in advance. - Joe Testa P.S. Greets to @stake and the cDc.
Current thread:
- PERL's -e check Joe Testa (Dec 26)
- Re: PERL's -e check Adam Prato (Dec 26)
- Re: PERL's -e check Matt Zimmerman (Dec 26)
- Re: PERL's -e check Joe Testa (Dec 26)
- Re: PERL's -e check Matt Zimmerman (Dec 28)
- Re: PERL's -e check Juergen P. Meier (Dec 26)
- Re: PERL's -e check Pavel Kankovsky (Dec 27)