On Thu, Feb 17, 2000 at 10:33:07AM -0600, Brock Sides wrote:
> Perl's tainting mechanism only comes into play if you are invoking a
> external command in some way: via system, exec, backticks, or
> opening a filehandle to or from a pipe. For example,
Not quite true. Tainting will block any of the following
operations, as near as I can tell from a cursory perusal of the
source:
- require()ing or use()ing a Perl library
- unlinking a file
- using the "glob" operator for expanding shell wildcards
- opening a file for writing
- in-place editing with the -i option
- changing the "user" component of your umask
- truncating a file via the truncate() function
- calling the ioctl() or fcntl() functions
- creating, binding, or connecting a new socket or socketpair
- changing directories
- calling chroot()
- renaming/moving a file
- linking a file (either link() or symlink())
- creating a new directory
- removing a directory
- executing an external command with a pipe (backticks, open"|", etc.)
- executing an external command with a fork and exec (system())
- executing an external command with exec()
- setpgrp() and setpriority()
- manually making a syscall with syscall()
...and probably a few others I've overlooked. Using -T in your
CGI script may not automagically make your program "secure", but it's
definitely a big step in the right direction.
_________________________________________________________________________
Dennis Taylor "Anyone whose days are all the same and free from
[EMAIL PROTECTED] want inhabits eternity of a sort." - Peter Hoeg
_________________________________________________________________________
PGP Fingerprint: E8D6 9670 4FBD EEC3 6C6B 810B 2B30 E529 51BD 7B90
