> On Mar 25, 2004, at 2:31 PM, Stas Bekman wrote:
>
>> So if you *do* trust require() of a random file to acquire its version, you ought to trust parse_version_untaint_source() just the same.
>
> It's not obvious to me that eval-ing an arbitrary (or semi-arbitrary) line of a file is always as safe as eval-ing the entire file. Consider the following highly contrived example:
>
> package FoolMeTwice;
> my $string = <<'EOF';
> $VERSION = 5; system("rm -rf /");
> EOF
> $VERSION = 6;
> __END__
>
> That will do almost nothing with "use FoolMeTwice;", but doing parse_version_untaint_source() will wreck your system.
>
> Maybe there are no non-contrived examples, though.
OK, I stand corrected. Thanks Ken.
In which case using laundering and eval'ing in the Safe compartment is probably the best idea. Though if I remember correctly Safe has lots of problems (doesn't quite work in certain environments), so I'm not sure how practical it is.
__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com
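The script below is an added illustration of the exchange above; it is not code from this thread, from ExtUtils::MakeMaker or from Module::Build. It writes a constructed FoolMeTwice.pm whose first "$VERSION" line sits inside a heredoc (the payload drops a marker file instead of running "rm -rf /", so that its execution is visible and harmless), selects the line the way the classic parse_version() scan does (POD and comment lines skipped, first line mentioning $VERSION and an "="; this reconstruction of the scan is an assumption), and then evals that line twice: once as-is, which is what parse_version_untaint_source() amounts to, and once inside a Safe compartment as Stas suggests.

```perl
#!/usr/bin/perl
# Added example (not from the thread): the FoolMeTwice trap, first with a
# naive eval of the selected line, then with the same line fed to a Safe
# compartment.  The payload creates a marker file instead of running
# "rm -rf /" so its execution is observable and harmless.
use strict;
use warnings;
use Safe;
use File::Temp qw(tempdir);
use File::Spec;

# Constructed module: the first "$VERSION" line lives inside a heredoc, so
# require() never executes it, but a line-oriented scanner will pick it.
my $dir    = tempdir(CLEANUP => 1);
my $marker = File::Spec->catfile($dir, 'FOOLED');
my $module = File::Spec->catfile($dir, 'FoolMeTwice.pm');
open my $out, '>', $module or die "$module: $!";
print {$out} <<"MOD";
package FoolMeTwice;
my \$string = <<'EOF';
\$VERSION = 5; open(my \$fh, '>', '$marker'); close \$fh;
EOF
\$VERSION = 6;
1;
__END__
MOD
close $out;

# Line selection modelled on the classic parse_version() scan (assumed
# reconstruction): skip POD and comments, return the first line that
# mentions $VERSION together with an '='.
sub version_line {
    my ($file) = @_;
    open my $in, '<', $file or die "$file: $!";
    my $inpod = 0;
    while (my $line = <$in>) {
        $inpod = $line =~ /^=(?!cut)/ ? 1 : $line =~ /^=cut/ ? 0 : $inpod;
        next if $inpod || $line =~ /^\s*#/;
        chomp $line;
        return $line if $line =~ /(?<!\\)[\$*][\w:']*\bVERSION\b.*=/;
    }
    return;
}

# What eval-ing the selected line amounts to: whatever is on that line runs.
sub naive_eval_version {
    my ($line) = @_;
    local $main::VERSION;
    eval "package main; no strict; $line; 1" or die "eval failed: $@";
    return $main::VERSION;
}

# Same line, compiled inside a Safe compartment.  The default opset has no
# system(), open(), unlink(), backticks or exec; the payload is rejected
# at compile time, so not even the "$VERSION = 5" assignment runs.
sub safe_eval_version {
    my ($line) = @_;
    my $cpt = Safe->new;
    my $v   = $cpt->reval("$line; \$VERSION");
    die "refused: $@" if $@;
    return $v;
}

my $line = version_line($module);
print "line selected: $line\n";

my $v = naive_eval_version($line);
printf "naive eval : \$VERSION=%s, payload ran: %s\n",
    $v, -e $marker ? 'yes' : 'no';
unlink $marker;

my $sv = eval { safe_eval_version($line) };
printf "Safe reval : %s, payload ran: %s\n",
    defined $sv ? "\$VERSION=$sv" : 'refused', -e $marker ? 'yes' : 'no';
print "  $@" if $@;
```

Two things worth noticing when you run it. First, the naive eval reports $VERSION=5 and the marker file appears: the scanner never sees the heredoc, exactly as Ken describes. Second, the Safe compartment refuses the line with "'open' trapped by operation mask", so no damage is done, but it does not return 6 either; confining the eval limits what a hostile line can do, it does not fix which line was chosen. The practicality concern in Stas's reply also shows up here: a $VERSION line that calls into another module (for instance a version object constructor) is refused by the default compartment just like the payload, unless the needed code is explicitly shared into it.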
