Skip Menu |

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the IO-All CPAN distribution.

Report information
The Basics
Id: 47175
Status: rejected
Priority: 0/
Queue: IO-All

People
Owner: Nobody in particular
Requestors: mschwern [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Wishlist
Broken in: 0.39
Fixed in: (no value)



Subject: A safer version of IO
I like IO::All and I want to use it in perl5i to solve a lot of Perl's IO issues. Trouble is io() is a bit too smart and will do ambiguous and insecure things like try to open URLs and pipes and sockets and let me call any IO::All method with "method:" So I would like a safer, less ambiguous io(). One that only opens files and directories and filehandles and will never try to open a socket. You can still explicitly ask for all that with io->blah($thing). IO::All::Safer, for example. You can see my way of sanitizing io() in perl5i here. http://github.com/schwern/perl5i/blob/83ea6096ab2714a16913893257dd55d58fe39c1b/lib/perl5i/IO.pm
Subject: Re: [rt.cpan.org #47175] A safer version of IO
Date: Sat, 20 Jun 2009 11:17:27 -0700
To: bug-IO-All [...] rt.cpan.org
From: Ingy dot Net <ingy [...] ingy.net>
Let's discuss at YAPC. On Fri, Jun 19, 2009 at 11:05 PM, Michael G Schwern via RT < bug-IO-All@rt.cpan.org> wrote: Show quoted text
> Sat Jun 20 02:05:17 2009: Request 47175 was acted upon. > Transaction: Ticket created by MSCHWERN > Queue: IO-All > Subject: A safer version of IO > Broken in: 0.39 > Severity: Wishlist > Owner: Nobody > Requestors: mschwern@cpan.org > Status: new > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=47175 > > > > I like IO::All and I want to use it in perl5i to solve a lot of Perl's > IO issues. Trouble is io() is a bit too smart and will do ambiguous and > insecure things like try to open URLs and pipes and sockets and let me > call any IO::All method with "method:" > > So I would like a safer, less ambiguous io(). One that only opens files > and directories and filehandles and will never try to open a socket. > You can still explicitly ask for all that with io->blah($thing). > IO::All::Safer, for example. > > You can see my way of sanitizing io() in perl5i here. > > http://github.com/schwern/perl5i/blob/83ea6096ab2714a16913893257dd55d58fe39c1b/lib/perl5i/IO.pm > >