Consider starting the child process in a sandbox a sandbox. /usr/bin/perl is likely safe from a malicious user since /usr/bin is typically locked down by the root user(s). But /home/demetri/bin/awklikeperl.pl could be replaced if the owner is not careful with permissions. Putting the process in a sandbox will not only protect the rest of your system from attack, but help you think about what files will be made available.
Obviously, the content of the script should be reviewed for vulnerabilities as well. Take a look at perlsec for help on that front.
3 is a bit of a magic number in the C program. As you've already discovered, it's easy to forget to change that number if you add or subtract parameters from the command array. If you define that in one place (say #DEFINE STARTING_ARGS 3) you'll only need to change the value in one place.
Speaking of which, I considered suggesting adding a -- parameter to prevent any shenanigans with adding extra switches. But once you pass the script name to perl, it passes all other arguments onto the script. So I think it's not possible to use -e to execute an arbitrary command.
Consider starting the child process in a sandbox. /usr/bin/perl is likely safe from a malicious user since /usr/bin is typically locked down by the root user(s). But /home/demetri/bin/awklikeperl.pl could be replaced if the owner is not careful with permissions. Putting the process in a sandbox will not only protect the rest of your system from attack, but help you think about what files will be made available.
Obviously, the content of the script should be reviewed for vulnerabilities as well. Take a look at perlsec for help on that front.
3 is a bit of a magic number in the C program. As you've already discovered, it's easy to forget to change that number if you add or subtract parameters from the command array. If you define that in one place (say #DEFINE STARTING_ARGS 3) you'll only need to change the value in one place.
Speaking of which, I considered suggesting adding a -- parameter to prevent any shenanigans with adding extra switches. But once you pass the script name to perl, it passes all other arguments onto the script. So I think it's not possible to use -e to execute an arbitrary command.
Consider starting the child process in a sandbox. /usr/bin/perl is likely safe from a malicious user since /usr/bin is typically locked down by the root user(s). But /home/demetri/bin/awklikeperl.pl could be replaced if the owner is not careful with permissions. Putting the process in a sandbox will not only protect the rest of your system from attack, but help you think about what files will be made available.
Obviously, the content of the script should be reviewed for vulnerabilities as well. Take a look at perlsec for help on that front.
3 is a bit of a magic number in the C program. As you've already discovered, it's easy to forget to change that number if you add or subtract parameters from the command array. If you define that in one place (say #DEFINE STARTING_ARGS 3) you'll only need to change the value in one place.
Speaking of which, I considered suggesting adding a -- parameter to prevent any shenanigans with adding extra switches. But once you pass the script name to perl, it passes all other arguments onto the script. So I think it's not possible to use -e to execute an arbitrary command.
Consider starting the child process in a sandbox. /usr/bin/perl is likely safe from a malicious user since /usr/bin is typically locked down by the root user(ess). But /home/demetri/bin/awklikeperl.pl could be replaced if the owner is not careful with permissions. Putting the process in a sandbox will not only protect the rest of your system from attack, but help you think about what files will be made available.
Obviously, the content of the script should be reviewed for vulnerabilities as well. Take a look at perlsec for help on that front.
33 is a bit of a magic number in the C program. As you've already discovered, it's easy to forget to change that number if you add or subtract parameters from the command array. If you define that in one place (say #DEFINE STARTING_ARGS 3) you'll only need to change the value in one place.
Speaking of which, I considered suggesting adding a -- parameter to prevent any shenanigans with adding extra switches. But once you pass the script name to perl, it passes all other arguments onto the script. So I think it's not possible to use -e to execute an arbitrary command.
Consider starting the child process in a sandbox. /usr/bin/perl is likely safe from a malicious user since /usr/bin is typically locked down by the root user(es). But /home/demetri/bin/awklikeperl.pl could be replaced if the owner is not careful with permissions. Putting the process in a sandbox will not only protect the rest of your system from attack, but help you think about what files will be made available.
Obviously, the content of the script should be reviewed for vulnerabilities as well. Take a look at perlsec for help on that front.
3 is a bit of a magic number in the C program. As you've already discovered, it's easy to forget to change that number if you add or subtract parameters from the command array. If you define that in one place (say #DEFINE STARTING_ARGS 3) you'll only need to change the value in one place.
Speaking of which, I considered suggesting adding a -- parameter to prevent any shenanigans with adding extra switches. But once you pass the script name to perl, it passes all other arguments onto the script. So I think it's not possible to use -e to execute an arbitrary command.
Consider starting the child process in a sandbox. /usr/bin/perl is likely safe from a malicious user since /usr/bin is typically locked down by the root user(s). But /home/demetri/bin/awklikeperl.pl could be replaced if the owner is not careful with permissions. Putting the process in a sandbox will not only protect the rest of your system from attack, but help you think about what files will be made available.
Obviously, the content of the script should be reviewed for vulnerabilities as well. Take a look at perlsec for help on that front.
3 is a bit of a magic number in the C program. As you've already discovered, it's easy to forget to change that number if you add or subtract parameters from the command array. If you define that in one place (say #DEFINE STARTING_ARGS 3) you'll only need to change the value in one place.
Speaking of which, I considered suggesting adding a -- parameter to prevent any shenanigans with adding extra switches. But once you pass the script name to perl, it passes all other arguments onto the script. So I think it's not possible to use -e to execute an arbitrary command.