From: "Adam Turoff" <[EMAIL PROTECTED]>
> On Wed, Sep 27, 2000 at 12:09:20PM -0400, James Mastros wrote:
> > Really, I don't see why we can't
> > just have a 'use taint' and 'no taint' pragma.
>
> Because taint mode needs to be turned on REEELY early, like before
> pragmas are compiled.

Umm, perhaps I overused "just", but...

On Wed, Sep 27, 2000 at 12:09:20PM -0400, James Mastros wrote:
> You have to turn on tainting at the commandline, but other than that,
> you can turn it on and off (even C<use taint 'warning'>, possibly) at
> runtime.

What I meant was that once tainting is on from the commandline, you can
choose to ignore them, not ignore them, or make them warnings rather than
(trappable) errors.  It would remain an error to 'use taint' without having
taints on from the original execution (via suid, sgid, an environment
variable, a command-line switch or what-have-you), but if they were on from
there, you can still do a 'no taint' block.

(This has the possible danger that if a cracker manages to execute
"no taint", all bets are off.  But if they can get out "no taint", then
they could probably get a lot of other code too.  Also, it gives
you more rope with which to hang yourself.  Anybody who
uses "no taint" without a damn good reason might get hung when
somebody cracks into their program anyway.  <G>)

    -=- James Mastros
