Are there any not-so-obvious problems with untainting user input for passing to the shell with something like (for the sake of simplicity):
# need to be able to use "." and "-" characters as well as
alphanumerics
chomp ( my $input = <STDIN> );
$input =~ s/[^A-Za-z0-9\-\.]//g;
system ("some_system_binary_here $input");
Thanks!
tyson
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
