Shell Escapes in Perl
Apparently, programmers still write “shell scripts inside Perl”, using backticks `` and system, often where a pure Perl solution could replace the shell calls. These programmers seem ignorant of the portability, security, and maintainability problems of shell code:
Portability
Shell that uses find(1) with options appropriate to only one flavor of find(1) will fail if moved to a new system. Or, if the new system does have a compatible version of find(1) in a different path, errors may result if the PATH environment variable changes (a maintainability problem). Many other commands suffer from portability problems: consult Portable Shell Programming for tips on how to mitigate these issues.
Security
Handling backticks in Perl covers the security pitfalls of shell escapes in more detail.
Maintainability
Shell escapes mix a new language into Perl code, complicating syntax checking: the Perl may check out while the shell escapes still contain bugs. These would be time consuming and difficult to write unit tests for, and troublesome to debug if portability problems emerge.
Quoting is another problem with shell escapes, especially if multiple levels of shell commands are executed. Maintaining the correct set of quotes, backslashes, and quotemeta calls is again time consuming and difficult.
Technorati Tags: Perl