Use the multiple-argument version of the system call, and ensure that the
program you're calling won't misbehave if weird input is provided:
system("/path/some-command", $user_data);
Passing $user_data and the command name in a single string (the
single-argument form of system()) causes the shell to parse and interpret
the data, which means shell metacharacters in the user's data will be
interpreted.
Read through perlsec for this and other gotchas. Taint mode in Perl will
help you avoid them, but don't rely exclusively on it. It will catch some
stupid mistakes, but it isn't a cure for not knowing what you're doing.
Good luck,
David
-----Original Message-----
From: Sandeep Giri [mailto:sandeepgiriat_private]
Sent: Wednesday, 22 January, 2003 01:03
To: secprogat_private
Subject: Can System() of Perl be bypassed?
Hi All,
In my PERL code,I am using user's input as command line argument for the
program being executed by System().
Can user run command of his choice by giving malicious input?
Is PERL's -T (Taint mode) the solution for this?
Thanks.
Sandeep Giri
This archive was generated by hypermail 2b30 : Wed Jan 22 2003 - 14:27:12 PST