Re: Re: Trojan Horse? (taint mode)


Perl: the Markov chain saw
	PerlMonks

Re: Re: Trojan Horse? (taint mode)

by quinkan (Monk)

on Nov 26, 2001 at 05:33 UTC ( [id://127457]=note: print w/replies, xml )

Need Help??

in reply to Re: Trojan Horse? (taint mode)
in thread Trojan Horse? (taint mode)

The only way this is going to come and cause us grief is if we eval $a ?

But pause to consider that someone playing with your CGI script has managed to get output redirected to an executable shell script.... Which is often the aim of a malicious hack. If you don't want naughty words appearing in, for example, your system initialisation scripts, it might be a good idea to untaint everything input.

Comment on Re: Re: Trojan Horse? (taint mode)

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://127457]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others having a coffee break in the Monastery: (2)

As of 2024-04-25 20:09 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found