Re: Error using -T...

What security gap do you see there? The file requires one written in the back end, and it does not reply upon anything passed in the browser, except a page, and it only uses that to see if it exists, and when it passes it to the subroutine to get the title and content, I do security checks and use placeholders.

I don't really know what else to guard for.

What are you thinking?

thx,
Richard

Comment on Re: Error using -T...

Replies are listed 'Best First'.
Re: Re: Error using -T... by Limbic~Region (Chancellor) on May 31, 2003 at 20:05 UTC
powerhouse, The point to using Taint checking is to never allow your script to let data it obtains externally from escaping the program (as I pointed out in my first post). You are requiring a variable - that variable was obtained external to your program - this means that you will have to Untaint it before you use it. You really should look at perldoc perlsec as Enlil suggested. Cheers - L~R	[reply]

Replies are listed 'Best First'.

Re: Re: Error using -T...
by Limbic~Region (Chancellor) on May 31, 2003 at 20:05 UTC

never

perldoc perlsec

Cheers - L~R