Taint checking with Cwd();

c has asked for the wisdom of the Perl Monks concerning the following question:

I just read through this which discusses using use Cwd;, however I didnt really see anything within the post that dealt with -T checks against the module. I just read through Ovid's writeup on web programming and so I am dutifully adding taint checking to my cgi scripts and in the process trying to go through to untaint them.

My burden at the moment is a script which calls $dir = `pwd`; I think this is something that you could find in a lot of code out there. After reading the post about use Cwd; I thought my issues were solved. However the following test code:

#!/usr/bin/perl -wT

use strict;
use Cwd;

my $dir = cwd();

print "$dir\n";
[download]

ends up still complaining with:

Insecure $ENV{PATH} while running with -T switch at /usr/lib/perl5/5.0
+0503/Cwd.pm line 82.
[download]

Do I need a more current revision of Cwd or is this not the way to find your cwd using -T?

humbly -c

Comment on Taint checking with Cwd(); Select or Download Code

Replies are listed 'Best First'.
Re: Taint checking with Cwd(); by rob_au (Abbot) on Aug 06, 2001 at 08:31 UTC
You need to explicitly set your path to a known value when executing scripts under the -T (taint) switch. From perlsec ... Cleaning Up Your Path For ``Insecure $ENV{PATH}'' messages, you need to set $ENV{'PATH'} to a known value, and each directory in the path must be non-writable by others than its owner and group. You may be surprised to get this message even if the pathname to your executable is fully qualified. This is not generated because you didn't supply a full path to the program; instead, it's generated because you never set your PATH environment variable, or you didn't set it to something that was safe. Because Perl can't guarantee that the executable in question isn't itself going to turn around and execute some other program that is dependent on your PATH, it makes sure you set the PATH. Ooohhh, Rob no beer function well without!	[reply]
Re: Re: Taint checking with Cwd(); by isaac32767 (Initiate) on Jan 21, 2004 at 05:13 UTC
An old thread, but one I found quite useful. And worth adding to: Rob_au's comments made me read perlsec in rather more detail than I had in the past. The perlsec for my version (5.6.1) said "see perlrun for its description of cleaning up environment variables." So I did, copied a certain code snippet into my own script. And behold! End of taint errors.	[reply]
(crazyinsomniac) Re: Taint checking with Cwd(); by crazyinsomniac (Prior) on Aug 06, 2001 at 08:28 UTC
That's your clue right, there, get rid of $ENV{PATH}. `undef %ENV; #or undef $ENV{PATH}; #or $ENV{PATH}='/some/known/value/tainted/no/more';` [download] ___crazyinsomniac_______________________________________ `Disclaimer: Don't blame. It came from inside the void` `perl -e "$q=$_;map({chr unpack qq;H;,$_}split(q;;,qH*));print;$q/$q;"`	[reply] [d/l]