xme / known_hosts_bruteforcer

Perl script to bruteforce SSH known_hosts files.
http://blog.rootshell.be/2010/11/03/bruteforcing-ssh-known_hosts-files/

Change open call to three-parameter form #11

Open jawaad-ahmad opened 4 years ago

jawaad-ahmad commented 4 years ago

Reference: https://perlmaven.com/open-files-in-the-old-way

Current code calls open on known_hosts as:

open(HOSTFILE, "$knownhostFile") || die "Cannot open $knownhostFile";

Recommend changing to the following to make explicit that we're opening the file as read-only and also to prevent any intentional or unintentional malicious use:

open(HOSTFILE, "<", "$knownhostFile") || die "Cannot open $knownhostFile";

As an alternative, consider removing the file name option and the open logic, and instead take the input from standard input:

$ ./known_hosts_bruteforcer.pl < ~/.ssh/known_hosts

This simplifies the logic of the script and also allows users the flexibility to pass in whatever they want into the script without having to make any temporary files beforehand, e.g.:

$ tail -3 ~/.ssh/known_hosts | ./known_hosts_bruteforcer.pl
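The difference between the two call forms in this issue, shown on a throwaway file. This is an added example, not code from the repository or from the issue; the sample known_hosts line, the `reset_sample` and `try_open` helpers and the `echo` call are constructed for illustration, and a POSIX system with Perl 5.10 or later is assumed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Constructed sample data: a throwaway directory holding a one-line known_hosts.
my $dir  = tempdir(CLEANUP => 1);
my $file = "$dir/known_hosts";

# (Re)create the sample file so every attempt starts from the same state.
sub reset_sample {
    open(my $out, '>', $file) or die "Cannot create $file: $!";
    print {$out} "|1|c2FsdA==|aGFzaA== ssh-rsa AAAA-constructed-key\n";
    close($out);
}

# Open $name in the requested style and report what happened to the sample file.
sub try_open {
    my ($style, $name) = @_;
    no warnings 'io';    # reading a handle that ended up write-only would warn
    my $fh;
    my $ok = $style eq 'two-arg'
        ? open($fh, $name)          # mode characters inside $name are honoured
        : open($fh, '<', $name);    # $name is only ever a path, opened read-only
    my $got = "open failed: $!";
    if ($ok) {
        my $line = <$fh> // '';
        chomp $line;
        close($fh);
        $got = "opened, first line '$line'";
    }
    return sprintf '%s; known_hosts now %d bytes', $got, (-s $file) || 0;
}

# Constructed arguments, as a user might pass them on the command line.
my @cases = (
    [ 'plain path',    $file ],
    [ 'trailing pipe', 'echo not-a-file |' ],    # two-arg open runs this as a command
    [ 'leading >',     ">$file" ],               # two-arg open truncates the file
);

for my $case (@cases) {
    for my $style ('two-arg', 'three-arg') {
        reset_sample();
        printf "%-13s %-9s %s\n", $case->[0], $style, try_open($style, $case->[1]);
    }
}
```

With the three-parameter form, the last two arguments simply fail to open because no file with that literal name exists, and the sample file keeps its contents.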