RE: RE: RE: Re: Using perl to automate mail backup

Oppps! I didn't even realize that the directory gets reset when the program exits. All my other experience programming in the dos environment ( masm, turbo pascal ) you had to save the path and restore it when you exit or you would be left in the last directory your program set.

That solves that problem. I can remove that section of code and use taint checking.

I had looked at the Cwd module, but its implementation is the same:

Taken from Cwd.pm

sub _backtick_pwd {
    my $cwd;
    chop($cwd = `pwd`);
    $cwd;
}
[download]

And the working directory returned is tainted.

zzspectrez

Comment on RE: RE: RE: Re: Using perl to automate mail backup Download Code

Replies are listed 'Best First'.
RE: RE: RE: RE: Re: Using perl to automate mail backup by Fastolfe (Vicar) on Nov 13, 2000 at 08:55 UTC
Check the 'getcwd' function instead of 'cwd'. This does not use an external command. It's a lot more intensive, but does a more thorough job (and may perhaps be how 'pwd' does it internally, actually). Data may still be considered tainted, though. I don't really think there's going to be a way to get at filesystem information in such a way that you can't consider it unsafe/tainted to begin with, since any part of it can be arbitrarily supplied by any user. If you trust it, un-taint it.	[reply]

Replies are listed 'Best First'.

RE: RE: RE: RE: Re: Using perl to automate mail backup
by Fastolfe (Vicar) on Nov 13, 2000 at 08:55 UTC

can't

[reply]