Turning off -T taint checking because your CGI script is too unsafe to run under taint mode reminds me of part two of the definition of Ostrich from the American Heritage Dictionary: "One who tries to avoid disagreeable situations by refusing to face them."
If you insist on letting users give you filenames, at very least, use the three-argument version of open.
I seem to remember reading somewhere that .htaccess is not infallible as a security measure. I can't seem to find the link now though.
I still think you should give the user a filename list, and read which item they selected from the list, by some index value. That way you only pass index values as input from the CGI script, and then you look up what file that index pertains to, and open the file yourself. Such a setup eliminates any possibility of the user specifying a dirty filename.
Dave
"If I had my life to live over again, I'd be a plumber." -- Albert Einstein
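The two pieces of advice above (an allow-list indexed by a small integer, and the three-argument form of `open`) combined into one CGI script that runs cleanly under `-T`. This is an added example, not code posted in the thread; the document labels and paths in `@FILES` are constructed, and the query-string parsing is done by hand only to avoid a module dependency.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;

# Constructed allow-list: the script, not the browser, decides which files exist.
# The paths and labels are assumptions for the example.
my @FILES = (
    { label => 'Release notes', path => '/var/www/docs/notes.txt' },
    { label => 'FAQ',           path => '/var/www/docs/faq.txt'   },
);

# Extract the "file=N" parameter from a query string. Under -T the value is
# tainted; the only thing accepted is a short run of digits naming an existing
# slot, and the regex capture is what untaints it. Anything else yields undef.
sub selected_index {
    my ($query) = @_;
    return undef unless defined $query;
    for my $pair (split /[&;]/, $query) {
        my ($k, $v) = split /=/, $pair, 2;
        next unless defined $k && $k eq 'file' && defined $v;
        return $1 if $v =~ /\A(\d{1,3})\z/ && $1 < @FILES;
        return undef;
    }
    return undef;
}

# Look the index up in our own table and open that path. The user never
# supplies a filename, so there is nothing to sanitize. Three-argument open
# keeps the mode separate from the name, so a name can never be read as a
# pipe or a redirection.
sub open_selected {
    my ($idx) = @_;
    my $path = $FILES[$idx]{path};
    open my $fh, '<', $path or die "cannot open $path: $!";
    return $fh;
}

# Minimal HTML escaping for file contents echoed back to the browser.
sub escape_html {
    my ($s) = @_;
    $s =~ s/&/&amp;/g;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    return $s;
}

# The menu another script can link to: the links carry only the index.
sub render_menu {
    my $html = "<ul>\n";
    for my $i (0 .. $#FILES) {
        $html .= qq{<li><a href="?file=$i">$FILES[$i]{label}</a></li>\n};
    }
    return $html . "</ul>\n";
}

print "Content-Type: text/html\n\n";
my $idx = selected_index($ENV{QUERY_STRING});
if (defined $idx) {
    my $fh = open_selected($idx);
    print "<pre>\n";
    while (my $line = <$fh>) {
        print escape_html($line);
    }
    print "</pre>\n";
    close $fh;
} else {
    print render_menu();
}
```

Because the index is the only value that crosses the CGI boundary, a second script that needs to point at one of these files can link to `?file=1` without either program having to trust a path from the browser.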
I've been trying to figure out how to do the filename list; the problem is that I have two programs dealing with non-static data and one refers to this one using basic links. I can't figure out how to interface the programs without merging them into one program.
As a note so you can help me figure this out: My webserver has no .htaccess files. It doesn't allow for writing at all (a limit to my scripting) and it allows no access outside aliased directories... Well, I can't say NO access... I'm sure there is some glitch in it, but I can't even find it with my own scripts.
Gotta get to school, hoping for help with my security issue when I return...