in reply to Re: Why do I need -w in a cgi script
in thread Why do I need -w in a cgi script

True, but then, as I said, we're still screwed since taint doesn't force you to get the cleaning right.

Look, it's a moot point (who the hell turns off taint checking?), but a valid one. Turning off taint checking on a production script shouldn't make any difference.

Consider - you develop a script, and when you test with taint on, the following generates a warning:

foreach(@ARGV){ `$_`; }
So you correct it:
foreach(@ARGV){ /(\w*)/; $foo = `ls -l $1`; }
Is this going to be any less secure for running without taint once you've got it to run with taint?

foreach(@ARGV){ /(.*)/; $foo = `$1`; }
and is this going to be any less insecure for running with taint?

Tom Melly, tom@tomandlu.co.uk

Re: Why do I need -w in a cgi script
by Abigail-II (Bishop) on Oct 10, 2003 at 13:48 UTC
    Let's say, you have the following program:
    #!/usr/bin/perl -T
    use strict;
    use warnings;
    my $file = shift;
    open my $fh => $file or die $!;
    while (<$fh>) {print}
    close $fh;
    __END__

    A fairly trivial one. Takes only one parameter. You test it with a million files. It all works fine. You remove the '-T' and put it in production, where it's going to be run suid or called by a CGI program, or whatever.

    Then some joker passes "> /some/important/file" as argument. With "-T", perl would not have wiped the content of the file. Without, it will.

    Abigail

      I concede! I'm an idiot!

      I'd forgotten (or, more accurately, never noticed) that Taint would allow anything to be done with user-input prior to untainting it with a regex.

      Tom Melly, tom@tomandlu.co.uk
        Taint checking only prevents you from doing *insecure* things. Opening a file for reading isn't insecure - opening a file for writing is. If taint checking would disallow you to do anything, you wouldn't even be able to untaint it.

        Abigail
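The behaviour discussed in this thread, as an added example that is not part of any poster's message: it runs without -T and compares the two-argument open from the program above with a three-argument open (a technique the thread does not mention) and an anchored allow-list regex. The scratch file, the sample argument and the helper names reset_victim, size_of and clean_name are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Constructed sample data: a scratch directory holding one "important" file.
my $dir    = tempdir(CLEANUP => 1);
my $victim = "$dir/important.txt";

sub reset_victim {
    open my $out, '>', $victim or die "cannot create $victim: $!";
    print {$out} "keep me\n";
    close $out or die "close failed: $!";
}

sub size_of {
    my ($path) = @_;
    my @st = stat $path;
    return $st[7];
}

# Allow-list check (hypothetical policy: plain file names only). Anchored
# with \A and \z, so the whole argument must match, unlike /(.*)/.
sub clean_name {
    my ($raw) = @_;
    return $raw =~ /\A([\w.-]+)\z/ ? $1 : undef;
}

# Constructed argument of the kind described in the reply above.
my $arg = "> $victim";

# 1. Two-argument open without -T: the leading ">" is parsed as the mode.
reset_victim();
if (open my $fh, $arg) { close $fh }
printf "2-arg open: file is now %d bytes\n", size_of($victim);

# 2. Three-argument open: the mode is fixed to "<", so the string can only
#    be a file name. That name does not exist, and nothing is written.
reset_victim();
if (open my $fh, '<', $arg) { close $fh }
else                        { print "3-arg open failed: $!\n" }
printf "3-arg open: file is still %d bytes\n", size_of($victim);

# 3. The anchored allow-list rejects the argument before any open happens.
for my $candidate ($arg, 'log.txt') {
    my $ok = defined clean_name($candidate);
    print(($ok ? 'accepted' : 'rejected'), ": '$candidate'\n");
}
```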