But in the context of taint checking w/ CGI, isn't the main point just that you should scrub your CGI parameters?? Your web server should not be set-UID to root so the security problem is that stuff from "the world" needs to be checked.
So isn't a reasonable solution as simple as replacing the few CGI.pm methods that get data from the client with versions that require "scrubbing instructions"? I'd probably make a tiny hack to CGI.pm to prevent it from being used directly and then make a CGI::Safe where the param() method is a fatal error but safeparam() requires an extra argument that is the scrubbing instructions.
I'd support a few formats of scrubbing instructions. You should make the most common case of requiring the parameter value to match /^\w[-\w.]*\z/ be very easy. But if a ref to a regex is provided, then apply the regex and die if it fails, return $1 if successful. If a code ref is provided, just run that code.
- tye (but my friends call me "Tye")In reply to (tye)Re: Alternatives to Taint Checking?
by tye
in thread Alternatives to Taint Checking?
by Ovid
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |