Come for the quick hacks, stay for the epiphanies. | |
PerlMonks |
Re: Re: untainting system calls correctlyby Fletch (Bishop) |
on Apr 10, 2002 at 16:43 UTC ( [id://158069]=note: print w/replies, xml ) | Need Help?? |
Not to meniton preventing someone from slipping in a username of `-u 0 I0wNj00'. Update: As a clarification, I mean that by using the multiple arugment form rather than letting the shell split you prevent the user from submitting extra arguments (in the example I gave they could specify that their new account would get a uid of 0).
In Section
Seekers of Perl Wisdom
|
|