On Wed, Dec 27, 2000 at 11:09:40AM +0000, Mike Bristow wrote:
> On Wed, Dec 27, 2000 at 12:53:37PM +0200, Peter Pentchev wrote:
> > Btw, anybody reading this discussion - I tried the attached script with
> > #!/usr/bin/perl -wT, and Perl died on the unlink() - "unsafe dependency".
> > What gives?
>
> $ man perldiag
> [snip]
> Insecure dependency in %s
> (F) You tried to do something that the tainting
> mechanism didn't like. The tainting mechanism is
> turned on when you're running setuid or setgid, or
> when you specify -T to turn it on explicitly. The
> tainting mechanism labels all data that's derived
> directly or indirectly from the user, who is
> considered to be unworthy of your trust. If any such
> data is used in a "dangerous" operation, you get this
> error. See the perlsec manpage for more information.
> [snip]
>
> Note that a filename you get from readdir is (indirectly) from the
> user, and unlink counts as dangerous.
>
> Basically, you need to "untaint" $fname in OnePass before using it in
> the unlink call; this is fairly trivial to do, and if you can't work it
> out from perlsec(1), feel free to contact me off-list.
Whoops. Yup, thanks. Updated version attached.
G'luck,
Peter
--
Nostalgia ain't what it used to be.
#!/usr/bin/perl -wT
# $Id: procdir.pl,v 1.2 2000/12/27 11:16:38 roam Exp $
use strict;
sub OnePass {
my $dir = (shift || "");
my ($fname, @files);
die("OnePass() requires a dir argument\n") if ($dir eq "");
opendir(D, $dir) or die("Opening $dir: $!\n");
@files = readdir(D);
closedir(D);
foreach $fname (@files) {
next if (($fname eq ".") || ($fname eq ".."));
# more filename vailidity checks go here
# pattern filtering and subexpression to 'untaint'
next unless $fname =~ /^([\w\d._-]+\.cvs)$/;
$fname = $1;
# ok, we want this file
print "Processing $dir/$fname\n";
# done with it..
unlink("$dir/$fname") or warn("Removing $dir/$fname: $!\n");
# this is evil - if we could process it, but could not
# remove it, we might end up processing it again at the next
# iteration :(
}
}
sub ProcessDir {
my $dir = (shift || "");
die("ProcessDir() requires a dir argument\n") if ($dir eq "");
for (;;) {
OnePass($dir);
# this could be done with select(), with a signal handler,
# many different ways.. polling and sleep() is easy
sleep(2);
}
}
MAIN:{
# obtain directory name in some way
my $d = "/tmp";
ProcessDir($d);
# er heh.. this should never return :)
die("ProcessDir() returned?.. $!\n");
}
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
