[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

Re: [MacPerl] How to make a remote Digest?



On Thu, May 25, 2000 at 01:52:11PM -0500, J.O'Dell wrote:
} I am using an old 68K Mac in my lab to store research data files.  It is in
} a somewhat secure location, but (being paranoid) I want to make sure that
} no one has tampered with it (ie to change the users and groups data file or
} to store pirated MP3's !).  I reasoned that I could make MD5 digests of
} critical files and compare to previous digests.  The machine is reachable
} via FTP or HTTP (over a dialup connection through my ISP), so in my
} naivete, I ran the script below using open() to open a test HTML page, and,
} not surprisingly, it failed.  Several questions I hope someone can help me
} with (reference to pod, if available, and please pardon my ignorance):
} 
} -how to digest a remote file without first downloading to my local drive
} (my dialup connection is 28.8K, noisy rural phone lines)

Clearly, if you're going to make an MD5 digest of a file, you need
access to the file.  Either you download it and do it locally, or you
run a program on the other end to do it for you.

} 
} -can open() be used on remote files via URL or IP address, or only on
} Appleshare volumes (any restrictions due to network topology(zones, ??)?)

Any file that it thinks is on a filesystem that's accessable locally
(i.e. mounted on your Desktop).  That includes such things as NFS and
AppleTalk.  There are no doubt restrictions; if you don't have read
access, for example, you won't be able to open the file.  But realize
that even if you can open the file, the data in the file would still
have to be transfered over your slow link.  AppleTalk over a dialup is
pretty awful (and NFS is *much* worse).

} 
} -if not open() what are best ways to access remote files via MacPerl (I am
} pretty sure Java can treat remote URL's like it treats local files, but
} prefer to work in Perl)

LWP (libwww-perl5).

} 
} -glaring security issues??  Like, if I set it up so I can access the system
} folder via FTP, am I creating massive vulnerability to outside attack?  I
} am a real novice at system security, and want to do the "right thing" first
} time out.

I would avoid letting anyone access my System Folder from the outside.
What other measures you can take depends on what exactly you have in
mind.

} 
} I appreciate your guidance...
} 
} Jane
} 
} #!usr/bin/perl -w
} 
} use strict;
} use LWP::Simple;
} use URI::URL;
} 
} use Digest::MD5  qw(md5_hex);
} 
} my ($my_server, $digest);
} $my_server = new URI::URL 'http://chew80.che.wisc.edu/index.html';

Not necessary if you're using LWP::Simple.

} 
} #I check if the page exists by checking for the head of the html page
}   if (head($my_server)) {
}      print "$my_server has responded....\n";
}   }

This is redundant.  Just try getting the file from the server.  If you
get it, then the server is up.

} 
} #here I want to open the remote file
} open(FILE, $my_server) or die "Can't open '$my_server': $!";
} binmode(FILE);

getstore( 'http://chew80.che.wisc.edu/index.html','index.html') or die;

binmode is never necessary on rational operating systems, like MacOS or *nix.

open(FILE,'index.html') or die;
local $/ = "";
$data = <FILE>;
$digest = md5_hex($data);

This is untested of course.

You should read the Digest::MD5 pod using Shuck.  md5_hex doesn't take
file handles so far as I can tell, but the OO routines seem to.

} 
} $digest = md5_hex(*FILE);
} print "filetest digest is $digest\n";
} 
} __END__
} And the output:
} http://chew80.che.wisc.edu/index.html has responded....
} # Can't open 'http://chew80.che.wisc.edu/index.html': Invalid argument.
} File 'Dingo:my_scripts:2000:snippets:test_digest.pl'; Line 18
} 
} # ===== Want to unsubscribe from this list?
} # ===== Send mail with body "unsubscribe" to macperl-request@macperl.org
} 
} 

-- 
Paul Schinder
schinder@pobox.com

# ===== Want to unsubscribe from this list?
# ===== Send mail with body "unsubscribe" to macperl-request@macperl.org