Config module advice

Hi

I know there are loads of these but I tried using Config::Scoped as it was
mentioned in one of the O'Reilly books and seemed to do what I needed. I'm
using it on a Windows 2003 Server and for some reason unless I mark the file
as read only it bombs out saying its unsecure as the file is writeable by
others. Not sure if this is expected behaviour or a windows oddity but I
don't really want to do this...

....so could anyone suggest which other config modules are worth looking at?
I'm after something straightforward but flexible, able to create nested
data structures and preferably well-supported and up-to-date.

Cheers,
Mark

_______________________________________________
ActivePerl mailing list
ActivePerl@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs

RE: Config module advice

Mark Knoop <> wrote:
> Hi
> =

> I know there are loads of these but I tried using Config::Scoped as
> it was mentioned in one of the O'Reilly books and seemed to do what I
> needed. I'm using it on a Windows 2003 Server and for some reason
> unless I mark the file as read only it bombs out saying its unsecure
> as the file is writeable by others. Not sure if this is expected
> behaviour or a windows oddity but I don't really want to do this... =


A quick look at the documentation for Config::Scoped suggests that it
expected behaviour unless permission checks are disabled. grep the
documentation for 'permission' for more info, particularly the
permissions_validate function.

> =

> ...so could anyone suggest which other config modules are worth
> looking at? =

> I'm after something straightforward but flexible, able to create
> nested data structures and preferably well-supported and up-to-date. =


There are a lot to choose from. I haven't used any, so I can't give any
recommendations, apart from checking CPAN (e.g.
http://search.cpan.org/search?query=3Dconfig&mode=3Dall).

HTH

-- =

Brian Raven =


==================== =====3D=
================
Atos Euronext Market Solutions Disclaimer
==================== =====3D=
================

The information contained in this e-mail is confidential and solely for the=
intended addressee(s). Unauthorised reproduction, disclosure, modification=
, and/or distribution of this email may be unlawful.
If you have received this email in error, please notify the sender immediat=
ely and delete it from your system. The views expressed in this message do =
not necessarily reflect those of Atos Euronext Market Solutions.

Atos Euronext Market Solutions Limited - Registered in England & Wales with=
registration no. 3962327. Registered office address at 25 Bank Street Lon=
don E14 5NQ United Kingdom. =

Atos Euronext Market Solutions SAS - Registered in France with registration=
no. 425 100 294. Registered office address at 6/8 Boulevard Haussmann 750=
09 Paris France.

L'information contenue dans cet e-mail est confidentielle et uniquement des=
tinee a la (aux) personnes a laquelle (auxquelle(s)) elle est adressee. Tou=
te copie, publication ou diffusion de cet email est interdite. Si cet e-mai=
l vous parvient par erreur, nous vous prions de bien vouloir prevenir l'exp=
editeur immediatement et d'effacer le e-mail et annexes jointes de votre sy=
steme. Le contenu de ce message electronique ne represente pas necessaireme=
nt la position ou le point de vue d'Atos Euronext Market Solutions.
Atos Euronext Market Solutions Limited Soci=E9t=E9 de droit anglais, enregi=
str=E9e au Royaume Uni sous le num=E9ro 3962327, dont le si=E8ge social se =
situe 25 Bank Street E14 5NQ Londres Royaume Uni.

Atos Euronext Market Solutions SAS, soci=E9t=E9 par actions simplifi=E9e, e=
nregistr=E9 au registre dui commerce et des soci=E9t=E9s sous le num=E9ro 4=
25 100 294 RCS Paris et dont le si=E8ge social se situe 6/8 Boulevard Hauss=
mann 75009 Paris France.
==================== =====3D=
================

_______________________________________________
ActivePerl mailing list
ActivePerl@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs

Re: Config module advice

>> A quick look at the documentation for Config::Scoped suggests that it
>> expected behaviour unless permission checks are disabled. grep the
>> documentation for 'permission' for more info, particularly the
>> permissions_validate function.
>
> All I can say in my defence was that it was very late last night when I
> was trying to find out what was going on and missed this bit...
>
> Thanks
> Mark
>

This leads me to another question. From the documentation for
Config::Scoped...

############################################################ #

$parser->permissions_validate()
Checks for owner and permission safety unless warnings for permissions are
off in the current scope. The owner of the cfg_file (and any included file)
must be either the real uid or superuser and no one but owner may write to
it. Must throw a Config::Scoped::Error::Validate::Permissions exception
otherwise. This method may be overridden to perform different safety checks
if necessary. The method has the following interface:

$parser->permissions_validate( handle => $fh );
or

$parser->permissions_validate( file => $file_name );

############################################################ ##

This doesn't sound to me like there is an easy way to switch this off in the
code but rather I have to override the function. Is it sensible to override
the function with one that simply returns true? If so can anyone give me a
pointer on how to go about it?

Another workaround I guess is to change the file permissions in the code
before I use it which somehow seems a bit messy.

Any advice much appreciated.

Thanks
Mark


_______________________________________________
ActivePerl mailing list
ActivePerl@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs

RE: Config module advice

Mark Knoop <> wrote:
>>> A quick look at the documentation for Config::Scoped suggests that
>>> it expected behaviour unless permission checks are disabled. grep
>>> the documentation for 'permission' for more info, particularly the
>>> permissions_validate function.
>> =

>> All I can say in my defence was that it was very late last night when
>> I was trying to find out what was going on and missed this bit...
>> =

>> Thanks
>> Mark
>> =

> =

> This leads me to another question. From the documentation for
> Config::Scoped... =

> =

> ############################################################ #
> =

> $parser->permissions_validate()
> Checks for owner and permission safety unless warnings for
> permissions are off in the current scope. The owner of the cfg_file
> (and any included file) must be either the real uid or superuser and
> no one but owner may write to it. Must throw a
> Config::Scoped::Error::Validate::Permissions exception otherwise.
> This method may be overridden to perform different safety checks if
> necessary. The method has the following interface: =

> =

> $parser->permissions_validate( handle =3D> $fh ); or
> =

> $parser->permissions_validate( file =3D> $file_name );
> =

> ############################################################ ##
> =

> This doesn't sound to me like there is an easy way to switch this off
> in the code but rather I have to override the function. Is it
> sensible to override the function with one that simply returns true?
> If so can anyone give me a pointer on how to go about it? =


It could be as simple as:

In a file called MyConfig.pm:

-----------------------------
use strict;
use warnings;

package MyConfig;

use base "Config::Scoped";

sub permissions_validate { return 1; }
------------------------------

However, I think the suggestion below would probably be better.

> =

> Another workaround I guess is to change the file permissions in the
> code before I use it which somehow seems a bit messy. =


What about in the constructor?

my $parser =3D Config::Scoped->new(... warnings =3D> {permissions =3D>
'off'});

HTH

-- =

Brian Raven =


==================== =====3D=
================
Atos Euronext Market Solutions Disclaimer
==================== =====3D=
================

The information contained in this e-mail is confidential and solely for the=
intended addressee(s). Unauthorised reproduction, disclosure, modification=
, and/or distribution of this email may be unlawful.
If you have received this email in error, please notify the sender immediat=
ely and delete it from your system. The views expressed in this message do =
not necessarily reflect those of Atos Euronext Market Solutions.

Atos Euronext Market Solutions Limited - Registered in England & Wales with=
registration no. 3962327. Registered office address at 25 Bank Street Lon=
don E14 5NQ United Kingdom. =

Atos Euronext Market Solutions SAS - Registered in France with registration=
no. 425 100 294. Registered office address at 6/8 Boulevard Haussmann 750=
09 Paris France.

L'information contenue dans cet e-mail est confidentielle et uniquement des=
tinee a la (aux) personnes a laquelle (auxquelle(s)) elle est adressee. Tou=
te copie, publication ou diffusion de cet email est interdite. Si cet e-mai=
l vous parvient par erreur, nous vous prions de bien vouloir prevenir l'exp=
editeur immediatement et d'effacer le e-mail et annexes jointes de votre sy=
steme. Le contenu de ce message electronique ne represente pas necessaireme=
nt la position ou le point de vue d'Atos Euronext Market Solutions.
Atos Euronext Market Solutions Limited Soci=E9t=E9 de droit anglais, enregi=
str=E9e au Royaume Uni sous le num=E9ro 3962327, dont le si=E8ge social se =
situe 25 Bank Street E14 5NQ Londres Royaume Uni.

Atos Euronext Market Solutions SAS, soci=E9t=E9 par actions simplifi=E9e, e=
nregistr=E9 au registre dui commerce et des soci=E9t=E9s sous le num=E9ro 4=
25 100 294 RCS Paris et dont le si=E8ge social se situe 6/8 Boulevard Hauss=
mann 75009 Paris France.
==================== =====3D=
================

_______________________________________________
ActivePerl mailing list
ActivePerl@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs

Re: Config module advice

> It could be as simple as:
>
> In a file called MyConfig.pm:
>
> -----------------------------
> use strict;
> use warnings;
>
> package MyConfig;
>
> use base "Config::Scoped";
>
> sub permissions_validate { return 1; }
> ------------------------------

I was just looking at going down this route so nice to know I wasn't being
too silly...

>
> However, I think the suggestion below would probably be better.
>
>>
>> Another workaround I guess is to change the file permissions in the
>> code before I use it which somehow seems a bit messy.

What I actually was considering there was to do a chmod on the file which I
wasn't so keen on...

>
> What about in the constructor?
>
> my $parser = Config::Scoped->new(... warnings => {permissions =>
> 'off'});
>
> HTH
>

....but this is exactly what I was after! Lack of examples combined with my
lack of familiarity of OO in Perl meant I was having difficulty
understanding the docs so this has been very valuable learning.

Thanks,
Mark

_______________________________________________
ActivePerl mailing list
ActivePerl@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs

Re: Config module advice

Hi Mark,

Mark Knoop wrote on Tue, Dec 11, 2007 at 01:04:29PM -0000:
> Somebody else suggested:

>> my $parser = Config::Scoped->new(... warnings => {permissions =>
>> 'off'});

> ...but this is exactly what I was after!

Perhaps i'm stating the obvious, but as nobody else mentioned this:
You should seriously reconsider the overall design of your system.
If you need configuration files writeable by other people beside
the owner, this might be an indication of bad or insecure design.

Of course, there are exceptions where such a thing might make sense,
but those ought to be rare...

Yours,
Ingo
_______________________________________________
ActivePerl mailing list
ActivePerl@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs