diff options
author | Dominic Dunlop <domo@slipper.ip.lu> | 1996-12-28 10:56:41 +0100 |
---|---|---|
committer | Chip Salzenberg <chip@atlantic.net> | 1997-01-01 08:59:00 +1200 |
commit | a034a98d8bfd0fd904012bd5227ce209aaaa0b26 (patch) | |
tree | e2afccfa1b455a13bf9d8e0ec521987c49b5c07c /pod/perlsec.pod | |
parent | e38874e2f3f61264e6d7b5d69540cdd51724e623 (diff) | |
download | perl-a034a98d8bfd0fd904012bd5227ce209aaaa0b26.tar.gz |
Locale-related pod patches, take 2
[Ahem. Had the wrong thing in the scratch-pad, didn't I? Please ignore my
previous full posting of a slightly-tweaked perllocale.pod. This mail
contains what I really meant to send.]
Herewith (quick, before _18 appears) locale-related patches to the
documentation in perl5.003_17/pod. The main effect is to add
locale-related information to pods other than perllocale.pod, although
there are some tiny tweaks to that pod too. Produces no complaints from
pod2man; not checked for layout since 5.003_13.
p5p-msgid: <v03007800aeea9e488b36@[194.51.248.77]>
Diffstat (limited to 'pod/perlsec.pod')
-rw-r--r-- | pod/perlsec.pod | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/pod/perlsec.pod b/pod/perlsec.pod index 2b6972701f..69de8592b6 100644 --- a/pod/perlsec.pod +++ b/pod/perlsec.pod @@ -30,14 +30,14 @@ program more secure than the corresponding C program. You may not use data derived from outside your program to affect something else outside your program--at least, not by accident. All command-line -arguments, environment variables, and file input are marked as "tainted". -Tainted data may not be used directly or indirectly in any command that -invokes a sub-shell, nor in any command that modifies files, directories, -or processes. Any variable set within an expression that has previously -referenced a tainted value itself becomes tainted, even if it is logically -impossible for the tainted value to influence the variable. Because -taintedness is associated with each scalar value, some elements of an -array can be tainted and others not. +arguments, environment variables, locale information (see L<perllocale>), +and file input are marked as "tainted". Tainted data may not be used +directly or indirectly in any command that invokes a sub-shell, nor in any +command that modifies files, directories, or processes. Any variable set +within an expression that has previously referenced a tainted value itself +becomes tainted, even if it is logically impossible for the tainted value +to influence the variable. Because taintedness is associated with each +scalar value, some elements of an array can be tainted and others not. For example: @@ -107,10 +107,10 @@ mechanism is by referencing sub-patterns from a regular expression match. Perl presumes that if you reference a substring using $1, $2, etc., that you knew what you were doing when you wrote the pattern. That means using a bit of thought--don't just blindly untaint anything, or you defeat the -entire mechanism. It's better to verify that the variable has only -good characters (for certain values of "good") rather than checking -whether it has any bad characters. That's because it's far too easy to -miss bad characters that you never thought of. +entire mechanism. It's better to verify that the variable has only good +characters (for certain values of "good") rather than checking whether it +has any bad characters. That's because it's far too easy to miss bad +characters that you never thought of. Here's a test to make sure that the data contains nothing but "word" characters (alphabetics, numerics, and underscores), a hyphen, an at sign, @@ -131,6 +131,14 @@ Laundering data using regular expression is the I<ONLY> mechanism for untainting dirty data, unless you use the strategy detailed below to fork a child of lesser privilege. +The example does not untaint $data if C<use locale> is in effect, +because the characters matched by C<\w> are determined by the locale. +Perl considers that locale definitions are untrustworthy because they +contain data from outside the program. If you are writing a +locale-aware program, and want to launder data with a regular expression +containing C<\w>, put C<no locale> ahead of the expression in the same +block. See L<perllocale/SECURITY> for further discussion and examples. + =head2 Cleaning Up Your Path For "Insecure C<$ENV{PATH}>" messages, you need to set C<$ENV{'PATH'}> to a |