X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2Ffiletest.pm;h=8aa4a77f827a7e3ebfca252aa2fea6ac030d2e19;hb=4d94824190f1d3f4307c94794486b277afd6e971;hp=fe1777e4439e40705becc32bff9125917e688b62;hpb=80d06f2dff03a52147744439d4888c6bef091986;p=p5sagit%2Fp5-mst-13.2.git diff --git a/lib/filetest.pm b/lib/filetest.pm index fe1777e..8aa4a77 100644 --- a/lib/filetest.pm +++ b/lib/filetest.pm @@ -1,11 +1,13 @@ package filetest; +our $VERSION = '1.00'; + =head1 NAME filetest - Perl pragma to control the filetest permission operators =head1 SYNOPSIS - + $can_perhaps_read = -r "file"; # use the mode bits { use filetest 'access'; # intuit harder @@ -32,11 +34,12 @@ There may be a slight performance decrease in the filetests when C is in effect, because in some systems the extended functionality needs to be emulated. -B: using the file tests for security purposes is a lost case +B: using the file tests for security purposes is a lost cause from the start: there is a window open for race conditions (who is to say that the permissions will not change between the test and the real operation?). Therefore if you are serious about security, just try -the real operation and test for its success. Think atomicity. +the real operation and test for its success - think in terms of atomic +operations. =head2 subpragma access @@ -47,9 +50,11 @@ operators is a filename, not when it is a filehandle. =cut +$filetest::hint_bits = 0x00400000; # HINT_FILETEST_ACCESS + sub import { if ( $_[1] eq 'access' ) { - $^H |= 0x00400000; + $^H |= $filetest::hint_bits; } else { die "filetest: the only implemented subpragma is 'access'.\n"; } @@ -57,7 +62,7 @@ sub import { sub unimport { if ( $_[1] eq 'access' ) { - $^H &= ~0x00400000; + $^H &= ~$filetest::hint_bits; } else { die "filetest: the only implemented subpragma is 'access'.\n"; }