[29423] in Perl-Users-Digest
Perl-Users Digest, Issue: 667 Volume: 11
daemon@ATHENA.MIT.EDU (Perl-Users Digest)
Fri Jul 20 21:10:02 2007
Date: Fri, 20 Jul 2007 18:09:12 -0700 (PDT)
From: Perl-Users Digest <Perl-Users-Request@ruby.OCE.ORST.EDU>
To: Perl-Users@ruby.OCE.ORST.EDU (Perl-Users Digest)
Perl-Users Digest Fri, 20 Jul 2007 Volume: 11 Number: 667
Today's topics:
Apache Perl Problem...Help! onalos@gmail.com
Re: Apache Perl Problem...Help! <tlviewer@VISTAyahoo.com>
Re: FAQ 4.45 How do I find the first array element for <bik.mido@tiscalinet.it>
Re: FAQ 4.45 How do I find the first array element for anno4000@radom.zrz.tu-berlin.de
Re: how to distill this par of string from whole string <tadmc@seesig.invalid>
Re: how to put "if" within a loop <nobull67@gmail.com>
Looking for modules to help downlaod web-pages... <koppe74@gmail.com>
Re: Looking for modules to help downlaod web-pages... <wyzelli@yahoo.com>
Re: Math <m@rtij.nl.invlalid>
Re: Math <sigzero@gmail.com>
Re: NET::SMTP and Authentication <glex_no-spam@qwest-spam-no.invalid>
Re: OK, so what's the different between OR and || in co <attn.steven.kuo@gmail.com>
Re: OK, so what's the different between OR and || in co <spamtrap@dot-app.org>
Re: pid from startet process (Douglas Wells)
Re: pid from startet process anno4000@radom.zrz.tu-berlin.de
removing . from a string pkassies@gmail.com
Re: removing . from a string <lambik@kieffer.nl>
Re: removing . from a string <glex_no-spam@qwest-spam-no.invalid>
Re: removing . from a string pkassies@gmail.com
Re: removing . from a string <noreply@gunnar.cc>
Re: removing . from a string <jgibson@mail.arc.nasa.gov>
Re: removing . from a string <glex_no-spam@qwest-spam-no.invalid>
Re: removing . from a string <tadmc@seesig.invalid>
Re: Webhosting Manager app krakle@visto.com
Re: What to do about memory leaks <rcs@bgoark.no>
Re: XML::Twig segfault on solaris <xmltwig@gmail.com>
Digest Administrivia (Last modified: 6 Apr 01) (Perl-Users-Digest Admin)
----------------------------------------------------------------------
Date: Fri, 20 Jul 2007 13:33:05 -0700
From: onalos@gmail.com
Subject: Apache Perl Problem...Help!
Message-Id: <1184963585.769131.225680@q75g2000hsh.googlegroups.com>
Okay....you will have to excuse me because I am not fluent in linux at
all. My unix admin was recently let go without a replacement and so I
have inherited it until they do so.The box itself is never touched and
so I am unsure what went wrong. Upon booting up the server, everything
appears fine. However, after just a few minutes things start to hang
and the website the box is serving is inaccessible. I went into system
monitor and looked at the processes. There were a number of httpd
processes that were running and a process called perl under one them
that seemed to be eating up all the memory in the system which has 1gb
worth. The process dies after a couple of minutes but then comes back
and it creeps right back up again to where the system is practically
unresponsive. It just keeps doing this over and over again. The site
we are running is done in php and I dont believe it uses perl at all.
I was hoping somone could help me figure out whats going on and/or
help me with turning perl off or something. Any help would be greatly
appreciated. Thanks in advance!
Matt
------------------------------
Date: 20 Jul 2007 21:08:47 GMT
From: Mark Pryor <tlviewer@VISTAyahoo.com>
Subject: Re: Apache Perl Problem...Help!
Message-Id: <46a1245f$0$8015$4c368faf@roadrunner.com>
On Fri, 20 Jul 2007 13:33:05 -0700, onalos wrote:
> and the website the box is serving is inaccessible. I went into system
> monitor and looked at the processes. There were a number of httpd
> processes that were running and a process called perl under one them
> that seemed to be eating up all the memory in the system which has 1gb
> worth. The process dies after a couple of minutes
In linux, I would do
#ps aux | grep perl
This will show the complete commandline of the perl call. Now try to see
the path to the problem script and then track down the owner.
> I was hoping somone
> could help me figure out whats going on and/or help me with turning perl
> off or something.
Gasp! Turn off perl on the whole box? This is some kind of blasphemous
windows based thinking -- Unix and Linux run on top of Perl and Python,
among others.
--
Mark
------------------------------
Date: Fri, 20 Jul 2007 23:02:59 +0200
From: Michele Dondi <bik.mido@tiscalinet.it>
Subject: Re: FAQ 4.45 How do I find the first array element for which a condition is true?
Message-Id: <aj82a3tgbh1p9iqv519n28n6qa883bmrv6@4ax.com>
On Fri, 20 Jul 2007 07:22:11 -0700, MrL22 <mr.leishman@gmail.com>
wrote:
>Subject: Re: FAQ 4.45 How do I find the first array element for which a condition is true?
^^^^^
^^^^^
># Do this using GREP
>
>my @people = ('Jacob Smith', 'Michael Brown', 'Joshua Smith', 'Matthew
>Cope');
>@smiths = grep(/smith/i, @people);
No!
my $first = (grep /smith/i, @people)[0];
But inefficient, because it will grep more than necessary.
Michele
--
{$_=pack'B8'x25,unpack'A8'x32,$a^=sub{pop^pop}->(map substr
(($a||=join'',map--$|x$_,(unpack'w',unpack'u','G^<R<Y]*YB='
.'KYU;*EVH[.FHF2W+#"\Z*5TI/ER<Z`S(G.DZZ9OX0Z')=~/./g)x2,$_,
256),7,249);s/[^\w,]/ /g;$ \=/^J/?$/:"\r";print,redo}#JAPH,
------------------------------
Date: 20 Jul 2007 23:50:25 GMT
From: anno4000@radom.zrz.tu-berlin.de
Subject: Re: FAQ 4.45 How do I find the first array element for which a condition is true?
Message-Id: <5gd021F3ec6gfU1@mid.dfncis.de>
Michele Dondi <bik.mido@tiscalinet.it> wrote in comp.lang.perl.misc:
> On Fri, 20 Jul 2007 07:22:11 -0700, MrL22 <mr.leishman@gmail.com>
> wrote:
>
> >Subject: Re: FAQ 4.45 How do I find the first array element for which a
> condition is true?
> ^^^^^
> ^^^^^
>
> ># Do this using GREP
> >
> >my @people = ('Jacob Smith', 'Michael Brown', 'Joshua Smith', 'Matthew
> >Cope');
> >@smiths = grep(/smith/i, @people);
>
> No!
>
> my $first = (grep /smith/i, @people)[0];
>
> But inefficient, because it will grep more than necessary.
I prefer to write that
my ( $first) = grep ...;
It can easily be combined with a check for uniqueness, which is
sometimes an issue:
my @l = qw( foo bar baz);
( my ( $first) = grep /ba/ => @l ) > 1 and warn "not unique\n";
print "first: $first\n";
Anno
------------------------------
Date: Fri, 20 Jul 2007 22:59:05 GMT
From: Tad McClellan <tadmc@seesig.invalid>
Subject: Re: how to distill this par of string from whole string
Message-Id: <slrnfa2ehv.jb7.tadmc@tadmc30.sbcglobal.net>
[ Please learn the correct way of composing a followup message.
Please do this soon.
Please see the Posting Guidelines that are posted here frequently.
]
jeanwelly <jeanwelly@gmail.com> wrote:
> andgjdkj..dlodjghghdhhdghhd\ndkkdkd\n
> On 7 20 , 8 54 , Tad McClellan <ta...@seesig.invalid> wrote:
>> jeanwelly <jeanwe...@gmail.com> wrote:
>> > $mystring = "andgjdkj..dlodjghghdhhdghhd\ndkkdkd\n/usr/local/ddd\n";
>> > I want to distill "/usr/loca/add"
>>
>> What is it about that string that indicates that that is what
>> should be extracted?
>> (my $variable = $mystring) =~ s/^(.*?\/)|\n//sg;
>> or
>> my $variable = substr $mystring, rindex($mystring, '/usr/'), -1;
>> or
>> my $variable = substr $mystring, 35, 14;
>> or
>> my($variable) = $mystring =~ /^(\/.*)/m;
>> or
>> my($variable) = $mystring =~ m#(/.*)#;
>> or
>> my($variable) = grep /\//, split /\n/, $mystring;
>> or
>> my $variable = (split /\n/, $mystring)[2];
> If I can't know how many "\n" in the string, howthe script can be
> written to find all characters before /, and cut them, so I can get /
> usr/local/.../?
One of the ways shown above already does that.
Did you try any of them?
--
Tad McClellan
email: perl -le "print scalar reverse qq/moc.noitatibaher\100cmdat/"
------------------------------
Date: Fri, 20 Jul 2007 18:14:48 -0000
From: Brian McCauley <nobull67@gmail.com>
Subject: Re: how to put "if" within a loop
Message-Id: <1184955288.596611.167440@m3g2000hsh.googlegroups.com>
On Jul 17, 8:01 pm, Jie <jiehuang...@gmail.com> wrote:
> as you see below, I am trying to compare if a list of files have
> common elements. The following code works. The problem is that for the
> last two lines I need to manually write each array element. when the
> array is long, it is much awkward.
>
> is there a way to put the "if" inside a loop?
>
> thank you very much!
>
> Jie
>
> ==========my code============
> @lists = ("A", "B", "C");
Why are you not declaring your variables?
> foreach $list (@lists) {
> %{$list} = ();
Why are you using symbolic references?
> open IN, " < $list.txt";
Why are you using global filehandles?
Why are you using the 2-arg open?
All the above implies to me that you are learning to program in Perl4.
Perl5 has been around a long time now. There's really no reason to
learn Perl4. If you have a book or other resource that is teaching you
Perl4 programming techniques I suggest you burn it.
------------------------------
Date: Fri, 20 Jul 2007 15:53:08 -0700
From: Koppe <koppe74@gmail.com>
Subject: Looking for modules to help downlaod web-pages...
Message-Id: <1184971988.527117.237460@w3g2000hsg.googlegroups.com>
I'm afraid I'm a bit of a newbee when it comes to Perl,
though I have some experience with other languages
(mostly C++).
I would like to make a script to automate the downloading
some pages on the Web, and thought Perl should be
suitable for this. However, I'll undoubtfully need some
modules, and I have no idea of which ones... So I would
appriciate suggestions to what modules I may need and
should take a closer look at.
I'm planning on making something similar to 'wget', but
specialized to the type of pages I want; so it will mostly
be a matter of downloading web-pages, saving them,
and parsing them for links to other web-pages to download.
I may also need to save other page contents (e.g. images),
and maybe event content refered to by CSS (e.g. background
images). Many of the pages I'm after are PHP-pages (but
AFAIK that is handled on the server-side, isn't it).
Some of the pages require log-in, so an ability for the script
to recognize a password-form, fill-in user-name and
password and post it -- as well as accepting cookies -- are
needed too. Pages containing just a confirmation-button
for proceding, may also need to be "pushed" by the script.
There may also be need to fill-in and send forms with things
like date-of-birth -- maybe also in the form of drop-down lists.
Many of these are redirects; e.g. I want a page with text, but
unless I've previously logged-in, specified dob or confirmed,
I'm redirected to forms. After I've filled in the form, I procede
to the page I wanted. However -- at least in my browser -- these
pages (the one I want and the one I need to fill stuff in on) seem
to have the same URL and be "identical" from the browsers pov.
Some limited emulation of JavaScript would also be great. E.g.
the ability to "fake" a pop-up dialog-box and "press" "OK" or
"Yes"; for posting some forms; and for redirecting.
So any idea for modules I ought to look at for accomplising
some or all of the above, would be very much appriciated.
-Koppe
------------------------------
Date: Sat, 21 Jul 2007 01:05:32 GMT
From: "Peter Wyzl" <wyzelli@yahoo.com>
Subject: Re: Looking for modules to help downlaod web-pages...
Message-Id: <wZcoi.9935$4A1.4451@news-server.bigpond.net.au>
"Koppe" <koppe74@gmail.com> wrote in message
news:1184971988.527117.237460@w3g2000hsg.googlegroups.com...
> I'm afraid I'm a bit of a newbee when it comes to Perl,
> though I have some experience with other languages
> (mostly C++).
>
> I would like to make a script to automate the downloading
> some pages on the Web, and thought Perl should be
> suitable for this. However, I'll undoubtfully need some
> modules, and I have no idea of which ones... So I would
> appriciate suggestions to what modules I may need and
> should take a closer look at.
>
> I'm planning on making something similar to 'wget', but
> specialized to the type of pages I want; so it will mostly
> be a matter of downloading web-pages, saving them,
> and parsing them for links to other web-pages to download.
> I may also need to save other page contents (e.g. images),
> and maybe event content refered to by CSS (e.g. background
> images). Many of the pages I'm after are PHP-pages (but
> AFAIK that is handled on the server-side, isn't it).
>
> Some of the pages require log-in, so an ability for the script
> to recognize a password-form, fill-in user-name and
> password and post it -- as well as accepting cookies -- are
> needed too. Pages containing just a confirmation-button
> for proceding, may also need to be "pushed" by the script.
> There may also be need to fill-in and send forms with things
> like date-of-birth -- maybe also in the form of drop-down lists.
> Many of these are redirects; e.g. I want a page with text, but
> unless I've previously logged-in, specified dob or confirmed,
> I'm redirected to forms. After I've filled in the form, I procede
> to the page I wanted. However -- at least in my browser -- these
> pages (the one I want and the one I need to fill stuff in on) seem
> to have the same URL and be "identical" from the browsers pov.
>
> Some limited emulation of JavaScript would also be great. E.g.
> the ability to "fake" a pop-up dialog-box and "press" "OK" or
> "Yes"; for posting some forms; and for redirecting.
>
> So any idea for modules I ought to look at for accomplising
> some or all of the above, would be very much appriciated.
Big job... start with LWP modules which are installed as part of Perl. That
will in turn lead to to many others that will possibly be helpful, cookies
etc.
Also search CPAN http://www.cpan.org/ for various other things you need.
P
------------------------------
Date: Sat, 21 Jul 2007 00:32:51 +0200
From: Martijn Lievaart <m@rtij.nl.invlalid>
Subject: Re: Math
Message-Id: <pan.2007.07.20.22.33.20@rtij.nl.invlalid>
On Fri, 20 Jul 2007 16:50:20 +0000, Brian Blackmore wrote:
> I remember once where we had an algorithm that should have been faster
> in assembly, but the GCC optimizer came up with something better than
> that for the slow i386 machine. Nevertheless, the simple assembly was
> still the better choice for the manufactured chip (not exactly a
> surprise).
Been there, done that. Tried to optimize the most called routine in
assembly in a program written in C. (Yes, I did profile it first.) Turns
out the compiler (Borland C in this case) did a better job of optimizing
than I could.
M4
------------------------------
Date: Fri, 20 Jul 2007 22:36:14 -0000
From: Robert Hicks <sigzero@gmail.com>
Subject: Re: Math
Message-Id: <1184970974.756313.83640@m3g2000hsh.googlegroups.com>
On Jul 19, 11:46 pm, Brian Blackmore <b...@po.cwru.edu> wrote:
> Michele Dondi <bik.m...@tiscalinet.it> wrote:
> > On Thu, 19 Jul 2007 01:46:54 -0000, Robert Hicks <sigz...@gmail.com>
> > wrote:
> > >Subject: Math
> > Maths!
>
> Math! If you need an `s' at the end, it's mathematics!
>
> > >I realize that any math in Perl is probably slower than the same math
> > >in "C" but I was wondering if Perl was as accurate as "C" in math
> > >computations. I don't see why it wouldn't be but I thought I would ask
> > >as a heavy spherical math project is on the horizon.
> > With the usual caveat about "many parameters to take into account",
> > there shouldn't be a difference, but possibly for a Perl's dwimmery
> > not really doing what you want. And when accuracy becomes a relevant
> > issue, then you can use specialized packages, as hinted to by others.
>
> Yeah, everyone has pretty much indicated the problems here, but I'll
> echo the "it depends on what you're doing". I'm not the expert, but I
> have my own arbitrary precision stuff in perl and it's slow, but
> that's okay because it is supposed to be slow (figure that one out).
> On the other hand, my C matrix routines are faster than PARI.
>
> In my experience, perl is generally slower for heavy number crunching,
> but it does well enough if only 25% of your code really has anything
> to do with a bunch of numerical processing. If all that processing is
> driving some other frontend, then it seems to fair pretty well.
>
Basically it has to do with the positions of ships. We get emails from
the ships that have lat/lon coordinates and we plot them. We also do
stuff like figure out what ships are within SAR distance and what
ports are close at hand for SAR operations. So spherical trig stuff
comes into play. I don't think "fast" is a requirement as long as we
can get the email, look up the last position, do calculations and then
write back to the db. That is the basics of it.
We currently have c libs with the math and a Perl/XS module that calls
those routines. We are having a horrible time moving that code from PA-
RISC to Itanium (the code is as old as IRIS and PRIME). So we may just
move it all into the Perl realm to make it easier going forward.
Robert
------------------------------
Date: Fri, 20 Jul 2007 17:57:02 -0500
From: "J. Gleixner" <glex_no-spam@qwest-spam-no.invalid>
Subject: Re: NET::SMTP and Authentication
Message-Id: <46a13dbe$0$3571$815e3792@news.qwest.net>
still me wrote:
> I need some basic info on how to go about doing authentication when
> trying to connect to a server using Net::SMTP. I did some searching
> but I'm not sure if I hopped on the right train. Feel free to dope
> slap me with a better approach... I'm a newbie at Perl and it's object
> oriented features.
>
> My program right now does this:
>
> my $smtp = Net::SMTP->new(smtp.example.com');
> die "Could not open connection: $!" if (! defined $smtp);
>
> I found some documentation that leads me to believe I can use the code
> below, but I'd like some confirmation:
What happened when you tried it?
>
> my $smtp =
> Net::SMTP->new('smtp.example.com',25,'domainOfAccount.com','MyAccount','MyPassword',
> :plain);
>
> First question: Does the above modification look legit?
>
> I also found that the are three login schemes (last parameter) of
> :plain,:login, and :cram_md5. I read some docs on this too... most a
> bit obtuse and targeted towards people working the SMTP servers... but
> if I understand correctly, this controls how the user/pass is sent to
> the SMTP server with "cram_md5" being encrypted, "plain" being clear
> text, and "login" is ?
Looking through the documentation on CPAN
http://search.cpan.org/~gbarr/libnet-1.21/Net/SMTP.pm
There's no mention of :plain, :login, etc. where is the
documentation you're referring to?
------------------------------
Date: Fri, 20 Jul 2007 11:12:24 -0700
From: "attn.steven.kuo@gmail.com" <attn.steven.kuo@gmail.com>
Subject: Re: OK, so what's the different between OR and || in conditions?
Message-Id: <1184955144.348320.136750@x35g2000prf.googlegroups.com>
On Jul 20, 10:57 am, "attn.steven....@gmail.com"
<attn.steven....@gmail.com> wrote:
> On Jul 20, 6:45 am, detz <ryandet...@gmail.com> wrote:
>
> > OK, so what's the different between OR and || in conditions? I've
> > never been given a clear answer to this.
>
> Read 'perldoc perlop' regarding operator precedence
> and associativity. Then try to predict the output of:
>
> print "foo" if (1 or 1 ^ 1);
>
> print "bar" if (1 | 1 ^ 1);
>
Sorry, you were asking about ||, not |.
Here's a different example:
print "foo\n" if (print 0 || 1);
print "bar\n" if (print 0 or 1);
--
Hope this helps,
Steven
------------------------------
Date: Fri, 20 Jul 2007 16:14:54 -0400
From: Sherm Pendley <spamtrap@dot-app.org>
Subject: Re: OK, so what's the different between OR and || in conditions?
Message-Id: <m2ir8eessh.fsf@dot-app.org>
detz <ryandetzel@gmail.com> writes:
> On Jul 20, 11:12 am, anno4...@radom.zrz.tu-berlin.de wrote:
>> Jürgen Exner <jurge...@hotmail.com> wrote in comp.lang.perl.misc:
>>
>> > detz wrote:
>> > > OK, so what's the different between OR and || in conditions? I've
>> > > never been given a clear answer to this.
>>
>> > They have different priority. Details see "perldoc perlop".
>>
>> ...apart from the fact the Perl doesn't have an "OR" operator.
>>
>> Anno
>
> There's always one smart-ass in the crowd..that's for nothing.
Smart-ass? What are you talking about? Perl has an "or" operator, and it's
case-sensitive, so there is no "OR" operator.
sherm--
--
Web Hosting by West Virginians, for West Virginians: http://wv-www.net
Cocoa programming in Perl: http://camelbones.sourceforge.net
------------------------------
Date: Fri, 20 Jul 2007 14:08:25 -0400 (EDT)
From: see@signature.invalid (Douglas Wells)
Subject: Re: pid from startet process
Message-Id: <f7qtmp$2icm$1@flame.contek.com>
In article <5gc3fgF3ggf7oU1@mid.dfncis.de>, anno4000@radom.zrz.tu-berlin.de writes:
> Douglas Wells <see@signature.invalid> wrote in comp.lang.perl.misc:
>
> > (And in response to another comment in this thread, the PID of
> > child will almost certainly not be the shell's PID plus 1. Any
> > system that does that presents a major security risk and should
> > be trashed immediately -- because PIDs would then be guessable.)
>
> It's the other way around. Anything that relies on the non-predict-
> ability of PIDs is insecure, unless the system guarantees that property
> in a quantifiable way. I've never heard of that.
>
> Many Unix systems assign PIDs sequentially (usually skipping those
> that have been used recently, in some sense).
>
> Anno
You're partially right. Going back and checking I find that indeed
a number, perhaps even most, POSIX/Linux systems do assign PIDs
sequentially. So, I was wrong about that.
But, it is still a potential security vulnerability, and high
integrity systems don't do that. Let me explain (taking some
liberties with terminology for purposes of simplification).
Let's look at three levels of security-awareness in an OS environment.
Basic Security: It's possible for a highly knowledgeable engineer
to create an application that does not disclose information to
unauthorized subjects.
Example feature: Before the creation of the O_EXCL flag
to open(2) (originally creat(2)), it was almost impossible
to securely create a file in a shared directory.
General Security: The standard system tools support the average
programmer in the creation of secure applications.
Example feature: The invention of the mkstemp(3) subroutine
made it convenient to securely create a temporary file. It was
possible to properly use the earlier mktemp(3) subroutine, but
many programmers got it wrong.
Proactive Security: The system provides mechanisms that protect
against some design errors in applications.
Example feature: The removal of execute access from the stack.
This is not strictly necessary, and even disallows some
desirable features, but it protects against a common programming
error (buffer overflow).
Now lets look at guessable PIDs. Note that some shell scripts
(and even some programs) have a construct similar to:
TMPFILE=/tmp/mycmd.$$
(echo cmd1 ; echo cmd2 ) > $TMPFILE
sh $TMPFILE
If I find that a privileged process is running such a shell script,
I can precreate the file (by guessing the PID that the shell will
soon be using(*)). Once I have the privileged process executing
commands from a file that I own or have write privileges I can
easily compromise that level of privilege. While this particular
example is fairly blatant, numerous less obvious constructs are
equally vulnerable.
That's why guessable PIDs are a security vulnerability. And I'll
note that your statement that "Anything that relies on the
non-predictability of PIDs is insecure ..." is also true. The two
concepts are not contradictory once you accept that secureness is
not a binary attribute.
There's actually quite of bit of history of exploits using techniques
similar to this. For example, the mkstemp subroutine was added
to UNIX systems after a number of exploits or mktemp became known.
I won't get into lots of details here as we're rapidly getting off
topic -- although Perl scripts are subject to the same vulnerabilities
as the shell.
- dmw
(*) Actually I would precreate a lot of files to increase my chances
of guessing the right one. For example (in pseudo-code),
for PIDnum = getpid () to getpid () + 100
create /tmp/mycmd.PIDnum
--
. Douglas Wells . Connection Technologies .
. Internet: -sp9804- -at - contek.com- .
------------------------------
Date: 20 Jul 2007 20:07:50 GMT
From: anno4000@radom.zrz.tu-berlin.de
Subject: Re: pid from startet process
Message-Id: <5gcj0mF3g84mdU1@mid.dfncis.de>
Douglas Wells <see@signature.invalid> wrote in comp.lang.perl.misc:
> In article <5gc3fgF3ggf7oU1@mid.dfncis.de>,
> anno4000@radom.zrz.tu-berlin.de writes:
> > Douglas Wells <see@signature.invalid> wrote in comp.lang.perl.misc:
> >
> > > (And in response to another comment in this thread, the PID of
> > > child will almost certainly not be the shell's PID plus 1. Any
> > > system that does that presents a major security risk and should
> > > be trashed immediately -- because PIDs would then be guessable.)
> >
> > It's the other way around. Anything that relies on the non-predict-
> > ability of PIDs is insecure, unless the system guarantees that property
> > in a quantifiable way. I've never heard of that.
> >
> > Many Unix systems assign PIDs sequentially (usually skipping those
> > that have been used recently, in some sense).
> >
> > Anno
>
> You're partially right. Going back and checking I find that indeed
> a number, perhaps even most, POSIX/Linux systems do assign PIDs
> sequentially. So, I was wrong about that.
>
> But, it is still a potential security vulnerability, and high
> integrity systems don't do that. Let me explain (taking some
> liberties with terminology for purposes of simplification).
>
> Let's look at three levels of security-awareness in an OS environment.
[well known facts and concepts snipped]
> Now lets look at guessable PIDs. Note that some shell scripts
> (and even some programs) have a construct similar to:
>
> TMPFILE=/tmp/mycmd.$$
> (echo cmd1 ; echo cmd2 ) > $TMPFILE
> sh $TMPFILE
Yes, that's widely known to be vulnerable. Using it means to
rely on the un-guessability of PIDs, so it's out when security
is a concern. There are ways to create temp files safely.
Code that uses this construct must be considered unsafe. It doesn't
become safe by stopping this particular hole by changing the PID
assignment strategy. I'm not saying that PID randomization is a
bad thing. To rely on it is.
Anno
------------------------------
Date: Fri, 20 Jul 2007 14:19:22 -0700
From: pkassies@gmail.com
Subject: removing . from a string
Message-Id: <1184966362.806600.249510@r34g2000hsd.googlegroups.com>
Hello everybody,
I need to strip "90.00" back to "90".
I wrote the following program
#!/perl
$item = "90.0";
print &strip_dot($item);
sub strip_dot
{
print "1 - $_[0]\n";
if ($_[0] =~ m/./)
{
print "2 - $_[0]\n";
return substr ($_[0], 0, index($_[0],"."));
} else
{
print "3 - $_[0]\n";
return "$_[0]";
}
}
its output is:
1 - 90.0
2 - 90.0
90
Great that works.
but if I make $item = "90";
the output is:
1 - 90
2 - 90
9
Hmm, that is not what I want.
The if statement should generate FALSE and it shouldn't be stripped to
9.
How can I solve this?
Any help is appreaciated.
------------------------------
Date: Fri, 20 Jul 2007 23:32:56 +0200
From: "Lambik" <lambik@kieffer.nl>
Subject: Re: removing . from a string
Message-Id: <46a12989$0$37727$5fc3050@dreader2.news.tiscali.nl>
<pkassies@gmail.com> wrote in message
news:1184966362.806600.249510@r34g2000hsd.googlegroups.com...
> Hello everybody,
>
> I need to strip "90.00" back to "90".
> I wrote the following program
>
> #!/perl
>
> $item = "90.0";
> print &strip_dot($item);
>
> sub strip_dot
> {
> print "1 - $_[0]\n";
> if ($_[0] =~ m/./)
You need to escape the dot m/\./ but that only removes the dot, not the
figures behind it.
> {
> print "2 - $_[0]\n";
> return substr ($_[0], 0, index($_[0],"."));
> } else
> {
> print "3 - $_[0]\n";
> return "$_[0]";
> }
> }
>
> its output is:
> 1 - 90.0
> 2 - 90.0
> 90
> Great that works.
>
> but if I make $item = "90";
> the output is:
> 1 - 90
> 2 - 90
> 9
> Hmm, that is not what I want.
> The if statement should generate FALSE and it shouldn't be stripped to
> 9.
> How can I solve this?
easiest way is perl -e "print int 90.00"
------------------------------
Date: Fri, 20 Jul 2007 16:39:52 -0500
From: "J. Gleixner" <glex_no-spam@qwest-spam-no.invalid>
Subject: Re: removing . from a string
Message-Id: <46a12ba8$0$3567$815e3792@news.qwest.net>
pkassies@gmail.com wrote:
> Hello everybody,
>
> I need to strip "90.00" back to "90".
> I wrote the following program
>
> #!/perl
>
> $item = "90.0";
> print &strip_dot($item);
>
> sub strip_dot
> {
> print "1 - $_[0]\n";
> if ($_[0] =~ m/./)
> {
> print "2 - $_[0]\n";
> return substr ($_[0], 0, index($_[0],"."));
> } else
> {
> print "3 - $_[0]\n";
> return "$_[0]";
> }
> }
>
> its output is:
> 1 - 90.0
> 2 - 90.0
> 90
> Great that works.
>
> but if I make $item = "90";
> the output is:
> 1 - 90
> 2 - 90
> 9
>
> Hmm, that is not what I want.
> The if statement should generate FALSE and it shouldn't be stripped to
> 9.
> How can I solve this?
>
> Any help is appreaciated.
>
You need to escape it.
if ($_[0] =~ m/\./)
See perldoc perlre
" . Match any character (except newline) "
Other options:
my $val = '90.0';
$val =~ s/\.*//;
Or:
$val = int $val;
Or:
$val = $val + 0;
------------------------------
Date: Fri, 20 Jul 2007 14:44:55 -0700
From: pkassies@gmail.com
Subject: Re: removing . from a string
Message-Id: <1184967895.949682.288130@m3g2000hsh.googlegroups.com>
yes, the escaping works.
Great! Thanks.
------------------------------
Date: Fri, 20 Jul 2007 23:47:18 +0200
From: Gunnar Hjalmarsson <noreply@gunnar.cc>
Subject: Re: removing . from a string
Message-Id: <5gcp1eF3c5qidU1@mid.individual.net>
pkassies@gmail.com wrote:
> I need to strip "90.00" back to "90".
There are built-in functions to help you with that.
my $item = '90.00';
print int $item;
But that just cuts the decimals. If you actually want to round the
number correctly, you can do:
my $item = '90.00';
printf '%.0f', $item;
See:
perldoc -f int
perldoc -f sprintf
perldoc -f printf
> I wrote the following program
>
> #!/perl
use strict;
use warnings;
> $item = "90.0";
my $item = "90.0";
> print &strip_dot($item);
--------^
Don't use '&' in function calls unless you know what it means (in Perl 5).
> sub strip_dot
> {
> print "1 - $_[0]\n";
> if ($_[0] =~ m/./)
You need to escape the dot, or else you just check if the string
contains any character...
if ($_[0] =~ m/\./)
--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl
------------------------------
Date: Fri, 20 Jul 2007 15:09:22 -0700
From: Jim Gibson <jgibson@mail.arc.nasa.gov>
Subject: Re: removing . from a string
Message-Id: <200720071509227693%jgibson@mail.arc.nasa.gov>
In article <46a12ba8$0$3567$815e3792@news.qwest.net>, J. Gleixner
<glex_no-spam@qwest-spam-no.invalid> wrote:
> pkassies@gmail.com wrote:
> > Hello everybody,
> >
> > I need to strip "90.00" back to "90".
>
> Other options:
>
> my $val = '90.0';
> $val =~ s/\.*//;
You forgot one dot:
$val =~ s/\..*//;
Posted Via Usenet.com Premium Usenet Newsgroup Services
----------------------------------------------------------
** SPEED ** RETENTION ** COMPLETION ** ANONYMITY **
----------------------------------------------------------
http://www.usenet.com
------------------------------
Date: Fri, 20 Jul 2007 17:40:42 -0500
From: "J. Gleixner" <glex_no-spam@qwest-spam-no.invalid>
Subject: Re: removing . from a string
Message-Id: <46a139ea$0$498$815e3792@news.qwest.net>
Jim Gibson wrote:
> In article <46a12ba8$0$3567$815e3792@news.qwest.net>, J. Gleixner
> <glex_no-spam@qwest-spam-no.invalid> wrote:
>
>> pkassies@gmail.com wrote:
>>> Hello everybody,
>>>
>>> I need to strip "90.00" back to "90".
>
>
>> Other options:
>>
>> my $val = '90.0';
>> $val =~ s/\.*//;
>
> You forgot one dot:
>
> $val =~ s/\..*//;
Dang.. yep.. thanks for the correction.
------------------------------
Date: Fri, 20 Jul 2007 22:59:05 GMT
From: Tad McClellan <tadmc@seesig.invalid>
Subject: Re: removing . from a string
Message-Id: <slrnfa2fc8.jb7.tadmc@tadmc30.sbcglobal.net>
pkassies@gmail.com <pkassies@gmail.com> wrote:
> I need to strip "90.00" back to "90".
-------------------------
#!/usr/bin/perl
use warnings;
use strict;
my $item = "90.0";
$item += 0;
print "$item\n";
-------------------------
--
Tad McClellan
email: perl -le "print scalar reverse qq/moc.noitatibaher\100cmdat/"
------------------------------
Date: Fri, 20 Jul 2007 15:33:33 -0700
From: krakle@visto.com
Subject: Re: Webhosting Manager app
Message-Id: <1184970813.273623.193800@w3g2000hsg.googlegroups.com>
On Jul 20, 12:37 am, redbaks <redb...@gmail.com> wrote:
> Hi! I am tasked to develop an CPanel like web app and I am stuck.
> Stuck at the start.
> I've downloaded a few others open source control panel hosting apps
> (vhcs, gplhost, virtualmin..etc) to give me inspiration. I know what
> to include, but the problem is how to make it work.
>
> I am not relatively new to linux, for i am using it since as an office
> workstation for the past 4years. With the help of 'man' and 'google',
> i am able to modify confs of different services.
>
> the real question i am wanting to ask is how those amazing CP/WH
> Managers able to modify the confs without 'root' or using a 'sudo'.
> please help.
>
> thanks in advance.
>
> btw, i am implementing it on a CentOS4 distro.
And what's your Perl question again?
------------------------------
Date: Sat, 21 Jul 2007 00:33:53 +0200
From: baalbek <rcs@bgoark.no>
Subject: Re: What to do about memory leaks
Message-Id: <46a13853$0$7441$c83e3ef6@nn1-read.tele2.net>
Martin Trautmann wrote:
> I take extensive use of WWW::Mechanize, without any knowledge what going
> on inside.
Do remember that WWW::Mechanize caches the fetched web pages by default,
thus using a lot of memory if you access a lot of web pages.
In order not to cache the downloaded result, use this constructor:
my $agent = WWW::Mechanize->new(stack_depth => 1);
that is, stack_depth is set to one, so no caching.
Hope this helps.
~Christian
------------------------------
Date: Fri, 20 Jul 2007 19:45:01 -0000
From: mirod <xmltwig@gmail.com>
Subject: Re: XML::Twig segfault on solaris
Message-Id: <1184960701.170635.119640@n60g2000hse.googlegroups.com>
I am sorry, it looks like my ISP doesn't propagate my posts, so the 2
answers I sent earlier have been lost.
In any case, the problem is with perl itself, in freeing variables
after a huge number of weaken.
I filed a bug report on Scalar::Util (http://rt.cpan.org/Ticket/
Display.html?id=28365) and then on perl itself, as it appears that
that's where the blame lies.
--
mirod
------------------------------
Date: 6 Apr 2001 21:33:47 GMT (Last modified)
From: Perl-Users-Request@ruby.oce.orst.edu (Perl-Users-Digest Admin)
Subject: Digest Administrivia (Last modified: 6 Apr 01)
Message-Id: <null>
Administrivia:
#The Perl-Users Digest is a retransmission of the USENET newsgroup
#comp.lang.perl.misc. For subscription or unsubscription requests, send
#the single line:
#
# subscribe perl-users
#or:
# unsubscribe perl-users
#
#to almanac@ruby.oce.orst.edu.
NOTE: due to the current flood of worm email banging on ruby, the smtp
server on ruby has been shut off until further notice.
To submit articles to comp.lang.perl.announce, send your article to
clpa@perl.com.
#To request back copies (available for a week or so), send your request
#to almanac@ruby.oce.orst.edu with the command "send perl-users x.y",
#where x is the volume number and y is the issue number.
#For other requests pertaining to the digest, send mail to
#perl-users-request@ruby.oce.orst.edu. Do not waste your time or mine
#sending perl questions to the -request address, I don't have time to
#answer them even if I did know the answer.
------------------------------
End of Perl-Users Digest V11 Issue 667
**************************************
