From ee556d553a6eff7ecdc9231bcb7bcb56f26130e7 Mon Sep 17 00:00:00 2001 From: Mike Guy Date: Wed, 6 Jun 2001 20:58:15 +0000 Subject: Re: [ID 20010604.015] taint + comma = false insecurity Reply-To: mjtg@cam.ac.uk Message-Id: p4raw-id: //depot/perl@10459 --- pod/perlsec.pod | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'pod/perlsec.pod') diff --git a/pod/perlsec.pod b/pod/perlsec.pod index 622e25fb40..87d1f7b340 100644 --- a/pod/perlsec.pod +++ b/pod/perlsec.pod @@ -44,8 +44,8 @@ directories, or processes, B: =item * -If you pass a list of arguments to either C or C, -the elements of that list are B checked for taintedness. +If you pass more than one argument to either C or C, +the arguments are B checked for taintedness. =item * @@ -53,9 +53,10 @@ Arguments to C and C are B checked for taintedness. =back -Any variable set to a value -derived from tainted data will itself be tainted, even if it is -logically impossible for the tainted data to alter the variable. +The value of an expression containing tainted data will itself be +tainted, even if it is logically impossible for the tainted data to +affect the value. + Because taintedness is associated with each scalar value, some elements of an array can be tainted and others not. @@ -107,6 +108,9 @@ For example: # either case the result is tainted since the list of filenames comes # from outside of the program. + $bad = ($arg, 23); # $bad will be tainted + $arg, `true`; # Insecure (although it isn't really) + If you try to do something insecure, you will get a fatal error saying something like "Insecure dependency" or "Insecure $ENV{PATH}". Note that you can still write an insecure B or B, but only by explicitly -- cgit v1.2.1