in reply to Back to acceptable untainted characters

Thanks all. I think I'm getting the gist. But let me summarize what I've read on this thread (knowing there's lots more elsewhere):

0. It's not necessarily what the user enters, but what I do with it

1. Don't trust user input, so use -T

2. RegExp data from user form to untaint, but RegExps can vary depending on what I want to allow them to enter

3. In all cases, RegExp/escape any HTML from users so the code would never render in a browser

4. Stay away from shells and evals (this should be no problem, 'cause I don't know enough to even know why I'd want to use one), but also file ops that use user input

5. Use placeholders in MySQL inserts

6. Use modules where I can find them to help

Sorry if I was flogging the proverbial dead horse, but you can see what a little paranoia can do!

Thanks again.

P.S. Just read Gunther Birznieks' excellent article, CGI/Perl Taint Mode FAQ.
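The checklist above, carried out as one small Perl script run under -T. This is an added example, not code from the thread or from the Taint Mode FAQ; the function names (untaint_username, html_escape, insert_user), the constructed sample values, and the use of DBD::SQLite's in-memory database for the placeholder step are all assumptions made here. Only points 2, 3 and 5 have something to show in code; points 1 and 4 are the -T switch itself and the absence of any shell or eval in the script.

```perl
#!/usr/bin/perl -T
# Added example, not from the thread or the Taint Mode FAQ: the checklist
# above as working code. Run with:  perl -T checklist_demo.pl [username]
use strict;
use warnings;
use Scalar::Util qw(tainted);

# A zero-length substring of a tainted value is still tainted; used here to
# taint a constructed default when no argument is given (@ARGV is tainted).
my $TAINT = substr($ENV{PATH} // '', 0, 0);

# Point 2: untaint with a regex that names what IS allowed. Only the
# capture counts as clean; anything else is rejected, not "repaired".
sub untaint_username {
    my ($value) = @_;
    return undef unless defined $value
        && $value =~ /\A([A-Za-z0-9_.-]{1,32})\z/;
    return $1;
}

# Point 3: escape so user text can never be parsed as markup.
my %esc = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
           '"' => '&quot;', "'" => '&#39;');
sub html_escape {
    my ($text) = @_;
    $text =~ s/([&<>"'])/$esc{$1}/g;
    return $text;
}

# Point 5: placeholders keep data out of the SQL text entirely.
# Needs DBI and DBD::SQLite (CPAN, not core); skipped if not installed.
sub insert_user {
    my ($dbh, $name, $bio) = @_;
    my $sth = $dbh->prepare('INSERT INTO users (name, bio) VALUES (?, ?)');
    $sth->execute($name, $bio);   # bound as data, never interpolated
    return $dbh->selectrow_array('SELECT COUNT(*) FROM users');
}

# Constructed samples: one acceptable name, one carrying a semicolon.
my @samples = @ARGV ? @ARGV : map { $_ . $TAINT } ('alice-01', 'bob; drop');
my $bio = q{<b>Hi</b> & "friends" <script>alert(1)</script>};  # constructed

my $dbh;
if (eval { require DBI; require DBD::SQLite; 1 }) {
    $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                        { RaiseError => 1, AutoCommit => 1 });
    $dbh->do('CREATE TABLE users (name TEXT, bio TEXT)');
}

for my $raw (@samples) {
    print "input '$raw' tainted: ", (tainted($raw) ? 'yes' : 'no'), "\n";
    my $name = untaint_username($raw);
    if (!defined $name) {
        print "  rejected: outside the allow-list\n";
        next;
    }
    print "  untainted '$name' tainted: ", (tainted($name) ? 'yes' : 'no'), "\n";
    print "  escaped bio: ", html_escape($bio), "\n";
    if ($dbh) {
        print "  rows after placeholder insert: ", insert_user($dbh, $name, $bio), "\n";
    } else {
        print "  DBI/DBD::SQLite not installed; placeholder step skipped\n";
    }
}
```

The regex in untaint_username is the part that varies per field (point 2): a username, an email address and a free-text comment each get their own allow-list, and the capture is the only thing that leaves the check. Note that untainting and HTML escaping are separate steps; a value can be clean for Perl's taint check and still need escaping before it is printed into a page.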

Re: Re: Back to acceptable untainted characters
by BrentDax (Hermit) on Sep 08, 2003 at 06:21 UTC
    3. In all cases, RegExp/escape any HTML from users so the code would never render in a browser
    ...unless you want some HTML to render, as you might in e.g. a user "biography" field. In that case, you'll probably want to do some trickery with an HTML parser module to allow a few tags and attributes and strip out the rest.

    Once again, though, note the use of "allow". Decide what's permissible and take out everything else. Better safe than sorry.

    =cut
    --Brent Dax
    There is no sig.

      Thanks BrentDax. That was a helpful word.
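The "allow a few tags and strip the rest" approach BrentDax describes, as an added example that is not his code. It assumes HTML::Scrubber from CPAN (not a core module); the make_bio_scrubber and clean_bio names and the sample biography text are constructed for the example.

```perl
#!/usr/bin/perl -T
# Added example, not BrentDax's code: an allow-list HTML filter for a user
# "biography" field, built on HTML::Scrubber (CPAN, not core).
# Run with:  perl -T bio_scrub.pl
use strict;
use warnings;
use HTML::Scrubber;

# Decide what is permissible and remove everything else: a few formatting
# tags, links only to http(s) URLs, no attributes anywhere else. Disallowed
# tags lose their markup but keep their text.
sub make_bio_scrubber {
    my $s = HTML::Scrubber->new(
        allow   => [qw(p b i u em strong br)],
        comment => 0,                  # strip HTML comments
        process => 0,                  # strip processing instructions
    );
    $s->default(0, { '*' => 0 });      # deny unlisted tags and all attributes
    $s->rules(
        a => {
            href => qr{^https?://}i,   # keep href only when it is http(s)
            '*'  => 0,                 # drop every other attribute on <a>
        },
    );
    return $s;
}

sub clean_bio {
    my ($html) = @_;
    return make_bio_scrubber()->scrub($html);
}

# Constructed sample: wanted formatting mixed with things that must go
# (an event-handler attribute, a javascript: link, an unlisted tag).
my $bio = q{<p onclick="steal()">Hi, I am <b>Alice</b>.</p>}
        . q{<a href="javascript:alert(1)">bad link</a> }
        . q{<a href="https://example.com/">my site</a> }
        . q{<iframe src="https://example.com/">frame</iframe>};

print clean_bio($bio), "\n";
```

The point is the direction of the rules: nothing is named that should be removed, only what may stay. A new tag or attribute the filter has never heard of is therefore dropped by default rather than let through.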

Re: Re: Back to acceptable untainted characters
by bunnyman (Hermit) on Sep 08, 2003 at 19:28 UTC

    4. Stay away from shells and evals (this should be no problem, 'cause I don't know enough to even know why I'd want to use one), but also file ops that use user input

    Some people are more comfortable using the shell than they are with Perl, so they might choose to write
    system("rm $filename");
    instead of using unlink. This would be a problem if $filename were a string beginning with a semicolon followed by another shell command. Taint mode will not allow system to execute when given tainted input, to prevent that type of thing from happening.