#!/usr/bin/perl5.003 -T
#
# Listing 1.
#
# A simple Internet server that invokes finger and returns the
# output to a Web browser. To access the server create a bit
# of HTML that looks like this:
#
# <form method = GET action = http://HOSTNAME:7654/>
# <input NAME = "user">
# </form>
#
# where HOSTNAME is the name of the machine on which you're running
# the server. Enter the name of the user that you want to finger in
# the text input field and hit carriage return.
#
require 5.002;
use strict;
use Socket;
my( $proto, $port );
# Signal handler to get zombie processes.
$SIG{CHLD} = sub { wait };
# Untaint PATH
$ENV{PATH} = '/bin:/usr/bin';
# Create an Internet TCP socket.
$port = 7654;
$proto = getprotobyname( 'tcp' );
socket( S, AF_INET, SOCK_STREAM, $proto ) or die "socket:$!";
# Name the socket (bind it to an address).
bind( S, sockaddr_in( $port, INADDR_ANY)) or die "bind:$!";
# Listen for client connections.
listen( S, 5 );
# Loop indefinitely, accepting connections
# as they arrive and forking a new process
# to handle the request.
for(; accept(NS,S); close NS ) {
my $pid;
if(!defined($pid = fork)) {
die "Fork failed:$!";
}
if ($pid) {
print "Fork worked\n";
}
elsif ($pid == 0) {
# In the child process.
close S;
# Look for the user name in the HTTP GET request and
# return the output of finger on this host for that
# user.
while (<NS>) {
if($_ =~ /^GET/) {
my($comm,$tag,$user,$http);
($comm,$tag,$user,$http) = split /[ =]/, $_;
open(STDOUT, "+>&NS") || die "open:$!";
select(STDOUT); $| = 1;
print "HTTP/1.0 200 OK\n";
print "MIME-Version: 1.0\n";
print "Content-Type: text/plain\n\n";
# Secure use of exec
exec "/usr/bin/finger", $user;
}
}
exit; #Child process should exit
}
}
exit;
Copyright © 1994 - 2018 Linux Journal. All rights reserved.