diff options
| author | Rick Delaney <rick@consumercontact.com> | 2002-08-03 20:28:58 -0400 |
|---|---|---|
| committer | hv <hv@crypt.org> | 2002-08-12 12:10:07 +0000 |
| commit | 7de90c4d189afc08ce6abcc82d00feb9e430fc8f (patch) | |
| tree | 5af14918353345a80ff82a94a74d08d1da611d92 /pod/perlsec.pod | |
| parent | cbc25c4293d5ee1c43b7996e79900570a0580df6 (diff) | |
| download | perl-7de90c4d189afc08ce6abcc82d00feb9e430fc8f.tar.gz | |
Re: [PATCH] Re: taint news
Message-ID: <m3heibs0vp.fsf@cs839290-a.mtth.phub.net.cable.rogers.com>
missed patch fragment from Change #17676
p4raw-id: //depot/perl@17720
Diffstat (limited to 'pod/perlsec.pod')
| -rw-r--r-- | pod/perlsec.pod | 21 |
1 files changed, 5 insertions, 16 deletions
diff --git a/pod/perlsec.pod b/pod/perlsec.pod index d5effd90db..2e1fda3704 100644 --- a/pod/perlsec.pod +++ b/pod/perlsec.pod @@ -44,14 +44,6 @@ directories, or processes, B<with the following exceptions>: =item * -If you pass more than one argument to either C<system> or C<exec>, -the arguments are checked for taintedness B<but> the operation will still -be attempted, emitting an optional warning. This will be fatal in a -future version of perl so do not rely on it to bypass the tainting -mechanism. - -=item * - Arguments to C<print> and C<syswrite> are B<not> checked for taintedness. =item * @@ -92,7 +84,7 @@ For example: $data = 'abc'; # Not tainted system "echo $arg"; # Insecure - system "/bin/echo", $arg; # Allowed but considered insecure + system "/bin/echo", $arg; # Considered insecure # (Perl doesn't know about /bin/echo) system "echo $hid"; # Insecure system "echo $data"; # Insecure until PATH set @@ -110,7 +102,7 @@ For example: open(FOO,"echo $arg|"); # Not OK open(FOO,"-|") - or exec 'echo', $arg; # Allowed but not really OK + or exec 'echo', $arg; # Also not OK $shout = `echo $arg`; # Insecure, $shout now tainted @@ -118,8 +110,8 @@ For example: umask $arg; # Insecure exec "echo $arg"; # Insecure - exec "echo", $arg; # Allowed but considered insecure - exec "sh", '-c', $arg; # Considered secure, alas! + exec "echo", $arg; # Insecure + exec "sh", '-c', $arg; # Very insecure! @files = <*.c>; # insecure (uses readdir() or similar) @files = glob('*.c'); # insecure (uses readdir() or similar) @@ -133,10 +125,7 @@ For example: $arg, `true`; # Insecure (although it isn't really) If you try to do something insecure, you will get a fatal error saying -something like "Insecure dependency" or "Insecure $ENV{PATH}". Note that you -can still write an insecure B<system> or B<exec>, but only by explicitly -doing something like the "considered secure" example above. This will not -be possible in a future version of Perl. +something like "Insecure dependency" or "Insecure $ENV{PATH}". =head2 Laundering and Detecting Tainted Data |