[Purdue-pm] On The Proper Use Of Config Files
Dave Jacoby
jacoby at purdue.edu
Wed Jan 21 10:25:41 PST 2009
The Use Perl journal post from Alias yesterday brought up a question I
have had for a while. I've been thinking about configuration files.
I have of course rolled my own more than once. I have also read and
parsed variables out of the ENV variables for web apps before I
discovered CGI, and I would occasionally try to get my own options
before Conway pointed me to Getopt::Long. With my most recent attempt, I
realized that I could include abstract code into my config, which seemed
to be a security hole in the making.
So, went to the books.
The Perl Cookbook 2nd Ed (8:16) suggests you roll your own.
http://proquest.safaribooksonline.com/0596003137/perlckbk2-CHP-8-SECT-16
Perl Best Practices (19:3) suggests you use a module.
http://proquest.safaribooksonline.com/0596001738/perlbp-CHP-19
(We're all Purdue people, so if we're at work [or can tunnel] we should
all have access. And you should have PBP anyway.)
My instinct is to follow Conway here. I have some Alias-inspired
Config::Std-using code on the Wiki.
(http://pm.purdue.org/Wiki/wiki.pl/DaveJacobyDiary)
But to what extent is the test I do necessary? To what extent is it
sufficient? More for following PBP than the other way. If I can't trust
CPAN modules, how can I use CPAN modules to help me test and trust CPAN
modules?
--
Dave Jacoby Address: WSLR S049
Purdue Genomics Core Mail: jacoby at purdue.edu
Jabber: jacoby at jabber.org
Phone: hah!
More information about the Purdue-pm
mailing list