On Thu, Feb 17, 2000 at 10:33:07AM -0600, Brock Sides wrote: > Perl's tainting mechanism only comes into play if you are invoking a > external command in some way: via system, exec, backticks, or > opening a filehandle to or from a pipe. For example, Not quite true. Tainting will block any of the following operations, as near as I can tell from a cursory perusal of the source: - require()ing or use()ing a Perl library - unlinking a file - using the "glob" operator for expanding shell wildcards - opening a file for writing - in-place editing with the -i option - changing the "user" component of your umask - truncating a file via the truncate() function - calling the ioctl() or fcntl() functions - creating, binding, or connecting a new socket or socketpair - changing directories - calling chroot() - renaming/moving a file - linking a file (either link() or symlink()) - creating a new directory - removing a directory - executing an external command with a pipe (backticks, open"|", etc.) - executing an external command with a fork and exec (system()) - executing an external command with exec() - setpgrp() and setpriority() - manually making a syscall with syscall() ...and probably a few others I've overlooked. Using -T in your CGI script may not automagically make your program "secure", but it's definitely a big step in the right direction. _________________________________________________________________________ Dennis Taylor "Anyone whose days are all the same and free from dennisat_private want inhabits eternity of a sort." - Peter Hoeg _________________________________________________________________________ PGP Fingerprint: E8D6 9670 4FBD EEC3 6C6B 810B 2B30 E529 51BD 7B90
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:36:02 PDT