in reply to Which apache $ENV are considered "safe"?

What is "safe" anyway? Perhaps this is why Taint mode does not trust any outside data.

Just a thought

  • Comment on Re: Which apache $ENV are considered "safe"?

Replies are listed 'Best First'.
Re: Re: Which apache $ENV are considered "safe"?
by blahblah (Friar) on May 19, 2003 at 07:47 UTC
    Safe means that I can trust the data because it is not able to be tampered with (tainted) by user input - malicious or otherwise.
    I am looking for a discussion on which of the apache vars -can- be tainted so that I know what I am getting myself into should I decide to use them. I am especially interested in those vars that are seemingly secure but have a nasty backdoor (because they are the rogues that get you later).
    I'll check out the links above...

    Thanks
    Alex
[reply]

In Section Seekers of Perl Wisdom