From e71940dea35c6f17c876e9eab076bacc363c8e31 Mon Sep 17 00:00:00 2001 From: Paul Green Date: Thu, 30 May 2002 07:11:35 -0400 Subject: [PATCH] RE: [PATCH pod/perlvar.pod] $^X From: "Green, Paul" Message-ID: p4raw-id: //depot/perl@16892 --- pod/perlvar.pod | 46 ++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 38 insertions(+), 8 deletions(-) diff --git a/pod/perlvar.pod b/pod/perlvar.pod index 2e08f00..bf1d765 100644 --- a/pod/perlvar.pod +++ b/pod/perlvar.pod @@ -1150,21 +1150,51 @@ lexical scope. See L. =item $^X -The name that the Perl binary itself was executed as, from C's +The name used to execute the current copy of Perl, from C's C. -This may not be a full pathname, nor even necessarily in your path. -Currently there is no universal solution for this; you may want to try: +Depending on the host operating system, the value of $^X may be +a relative or absolute pathname of the perl program file, or may +be the string used to invoke perl but not the pathname of the +perl program file. Also, most operating systems permit invoking +programs that are not in the PATH environment variable, so there +is no guarantee that the value of $^X is in PATH. - use Config; - $current_perl_path = (-x $^X) ? $^X : $Config{perlpath}; +You usually can use the value of $^X to re-invoke an independent +copy of the same perl that is currently running, e.g., + + @first_run = `$^X -le "print int rand 100 for 1..100"`; + +But recall that not all operating systems support forking or +capturing of the output of commands, so this complex statement +may not be portable. -The security-conscious would write: +It is not safe to use the value of $^X as a path name of a file, +as some operating systems that have a mandatory suffix on +executable files do not require use of the suffix when invoking +a command. To convert the value of $^X to a path name, use the +following statements: + +# Build up a set of file names (not command names). + use Config; + use File::Spec; + $this_perl = File::Spec->canonpath($^X); + $this_perl .= $Config{exe_ext} + unless $this_perl =~ m/$Config{exe_ext}$/i; + +Because many operating systems permit anyone with read access to +the Perl program file to make a copy of it, patch the copy, and +then execute the copy, the security-conscious Perl programmer +should take care to invoke the installed copy of perl, not the +copy referenced by $^X. The following statements accomplish +this goal, and produce a pathname that can be invoked as a +command or referenced as a file. use Config; use File::Spec; - $current_perl_path = (File::Spec->file_name_is_absolute($^X) && -x $^X) - ? $^X : $Config{perlpath}; + $secure_perl_path = File::Spec->canonpath($Config{perlpath}); + $secure_perl_path .= $Config{exe_ext} + unless $secure_perl_path =~ m/$Config{exe_ext}$/i; =item ARGV -- 2.7.4