in reply to Re: Mail::Mailer and difficulty with -T taint mode
in thread Mail::Mailer and difficulty with -T taint mode

That is helpful, but it seems then, that it is telling me there is NO way to successfully pass a user-supplied From address to Mail::Mailer, if that module uses system, exec, or a piped open. I say this because in untainting an email address supplied by the user, you risk wrecking valid addresses since just about any character may exist within a valid address. I used Mail::Mailer because of its proported feature of avoiding the shell, in the interest of security. I don't believe that Mail::Mailer uses a piped open, as it is the module's goal to keep the message being sent far away from the shell. But the exec one seems a little tricky to get around.

I could supply a hard-wired From, and then pass the user's supplied From through the body of the message, but even that must pass through Mail::Mailer.

Surely I am just not seeing the simple solution. ;)


Dave


"If I had my life to do over again, I'd be a plumber." -- Albert Einstein
  • Comment on Re: Re: Mail::Mailer and difficulty with -T taint mode

Replies are listed 'Best First'.
Re: Re: Re: Mail::Mailer and difficulty with -T taint mode
by sgifford (Prior) on Oct 12, 2003 at 14:39 UTC

    Some quick tests indicate that if Mail::Mailer really were using exec in a safe way, perl wouldn't care about $ENV{PATH}. 

    [sgifford@sghome sgifford]$ perl -T -e"exec('echo', 'OK')"
Insecure $ENV{PATH} while running with -T switch at -e line 1.
[sgifford@sghome sgifford]$ perl -T -e"exec('/bin/echo OK')"
Insecure $ENV{PATH} while running with -T switch at -e line 1.
[sgifford@sghome sgifford]$ perl -T -e"exec('/bin/echo', 'OK')"
OK

    [download]

    What mailer are you using with Mail::Mailer, and what version? Can you find the relevant code that you think should be secure but Perl doesn't agree? Why is it a problem to untaint the from address to guarantee that it doesn't contain anything strange?

[reply]
[d/l]
[select]
Re: Re: Re: Mail::Mailer and difficulty with -T taint mode
by PodMaster (Abbot) on Oct 12, 2003 at 11:22 UTC
    but it seems then, that it is telling me there is NO way to successfully pass a user-supplied From address to Mail::Mailer,
    So what you're saying is that you're using taint mode without knowing how it works? All of the values in %ENV are tainted. If you don't know what that means, or how to get around it, read perlsec (it's a link you know).

    MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"
    I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).
    ** The third rule of perl club is a statement of fact: pod is sexy.

[reply]
Re^3: Mail::Mailer and difficulty with -T taint mode
by Nkuvu (Priest) on Nov 21, 2003 at 19:55 UTC

    Mail::Mailer does use a piped open. From my version of Mail::Mailer (in MailTools 1.60) about line 226:

        # Fork and start a mailer
    (defined($exe) && open($self,"|-")) # (snip)

    [download]

    I don't know enough about packages to know if this is a potentially harmful open call, but I can understand how the taint checking is complaining about the path.

[reply]
[d/l]

In Section Seekers of Perl Wisdom