This software implements site policies for file input/output functions. It defines rules and guidelines around file handling on a given platform or application, ensuring appropriate data management and security measures.
You have the ability to control which policy is applied by creating a File::Policy::Config module with an IMPLEMENTATION constant. You can even write your own policy as a module within the File::Policy:: namespace. If no File::Policy::Config module is present, the default policy of File::Policy::Default is implemented, which offers reasonable default locations for both temporary and log files and does not impose any restrictions.
This module was created to provide a standard and flexible approach to allow a site-wide file policy to be established. It is most useful in larger environments where a few system administrators are responsible for different codes written by many developers. By ensuring submitted code calls check_safe(), file access is made much more straightforward, reducing the amount of effort required for a security audit. While it may be overkill if your code is not security audit'd, or if you are the only developer at your site, it is still considered good practice and provides protection against paths in your code that may become corrupted accidentally or maliciously in the future.
Using this module offers two major benefits. Firstly, it enables sites that implement a policy to easily integrate your code in a standard way. If you have a file policy at your site, you can apply different policies (via File::Policy::Config) in different environments (production, integration test, development), and the appropriate policy is automatically applied without having to change your code or configs.
The SYNOPSIS for this module is as follows:
To check I/O policy:
use File::Policy;
use File::Policy qw/check_safe/; # to import a specific subroutine
use File::Policy qw/:all/; # to import all subroutines
Checking I/O policy:
check_safe($filename, 'r');
check_safe($filename, 'w');
Preferred directory locations:
$logdir = get_log_dir();
$tmpdir = get_temp_dir();
Version 1.005: N/A