Broad Network

Miscellaneous Insecurities and Prevention in Perl

Perl Insecurities and Prevention – Part 7

Perl Course

Foreword: In this part of the series, I talk about Miscellaneous Insecurities and Prevention.

By: Chrysanthus Date Published: 23 Nov 2015


This is part 7 of my series, Perl Insecurities and Prevention. The word, miscellaneous, means features that do not really fit in a particular category. In this part of the series, I talk about Miscellaneous Insecurities and Prevention. You should have read the previous parts of the series before coming here, as this is a continuation.

Regular Expression
Perl’s regular expression can rather easily consume large amounts of both time and memory if the regular expression may match in several ways. Careful crafting of the regular expressions can help but quite often there really is not much you can do.

The eval Function
The two main syntaxes for the eval() function are:

    eval EXPR
    eval BLOCK;

The first syntax is evaluated at run time. The second syntax is compiled. The first syntax is more dangerous than the second syntax, because it allows the user to run code at run time, which cannot be checked by the author of the program. The problem with the second syntax is that it can receive inputs that are dangerous at run time.

I do not use the first syntax. I use the second syntax only to check errors; and I do not use it in a module.

First Preventive Measure
The first preventive measure to take for any program is not to give any user or group that you do not trust, write permission. If you do that, they can rewrite your program for you to their advantage.

That is it for this part of the series.


Related Links

Perl Basics
Perl Data Types
Perl Syntax
Perl References Optimized
Handling Files and Directories in Perl
Perl Function
Perl Package
Perl Object Oriented Programming
Perl Regular Expressions
Perl Operators
Perl Core Number Basics and Testing
Commonly Used Perl Predefined Functions
Line Oriented Operator and Here-doc
Handling Strings in Perl
Using Perl Arrays
Using Perl Hashes
Perl Multi-Dimensional Array
Date and Time in Perl
Perl Scoping
Namespace in Perl
Perl Eval Function
Writing a Perl Command Line Tool
Perl Insecurities and Prevention
Sending Email with Perl
Advanced Course
Miscellaneous Features in Perl
Perl Two-Dimensional Structures
Advanced Perl Regular Expressions
Designing and Using a Perl Module
More Related Links
Perl Mailsend
PurePerl MySQL API
Perl Course - Professional and Advanced
Major in Website Design
Web Development Course
Producing a Pure Perl Library
MySQL Course



Become the Writer's Fan
Send the Writer a Message