in reply to Unlink under taint mode

I can't immediately see the problem with your code, but what I would do is use the tainted function from Scalar::Util to pinpoint exactly which variable is giving you trouble.

BTW, to avoid . and .., all you need to do is

my @files = map untaint( $_ ), grep !/^\.\.?$/, readdir DIR;
or better yet
my @files = map untaint( $_ ), grep -f "$dir/$_", readdir DIR;
Also, the regexp in your untaint function could be written more economically as
/([\w-]+)/
\w already implies _, and there's no need to escape - (nor _ BTW) inside the [ ] as long as it is the first or the last character in the group (e.g. [-AZ] matches -, A, and Z.).

the lowliest monk
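An added example (not code from the thread) that puts the Scalar::Util::tainted advice above into a runnable -T script: it reports which pieces of a composed path are still tainted, untaints them through an anchored whitelist capture, and only then calls unlink. Assumptions: a File::Temp directory stands in for the "../users" tree, an empty substring of an %ENV value is used as the standard trick to taint the constructed sample values, and the untaint regexp is a stricter, anchored variant of the /([\w-]+)/ discussed above that also allows a dot for an extension and refuses "." and "..".

```perl
#!/usr/bin/perl -T
# Added example, not code from the thread: diagnosing and clearing taint
# before unlink, using Scalar::Util::tainted as suggested above.
use strict;
use warnings;
use Scalar::Util qw(tainted);
use File::Temp   qw(tempdir);

# Whitelist untaint. Stricter than the thread's /([\w-]+)/: anchored, so the
# whole value must consist of [\w.-] characters, and "." / ".." are refused.
# Returns undef (never a partial match) when the value fails, so the caller
# can refuse the request instead of silently acting on a truncated name.
sub untaint {
    my ($value) = @_;
    return undef unless defined $value;
    return undef if $value =~ /\A\.\.?\z/;
    return $value =~ /\A([\w.-]+)\z/ ? $1 : undef;
}

# Diagnosis helper: given name => value pairs, return the names whose values
# are still tainted. This is how to find the culprit in a composed path.
sub tainted_parts {
    my %part = @_;
    return grep { tainted($part{$_}) } sort keys %part;
}

# Plain-file listing of a directory. readdir output is tainted under -T, so
# each name goes through untaint(); names that fail the whitelist are dropped.
sub list_plain_files {
    my ($dir) = @_;
    opendir my $dh, $dir or die "opendir $dir: $!";
    my @files = grep { defined } map { untaint($_) } grep { -f "$dir/$_" } readdir $dh;
    closedir $dh;
    return sort @files;
}

# Constructed input. Anything derived from %ENV is tainted, so appending an
# empty tainted string mimics values that arrived from a cookie or a form.
my $taint        = substr(join('', values %ENV), 0, 0);
my $subcookie    = 'alice'     . $taint;
my $checked_file = 'notes.txt' . $taint;

# Stand-in for the "../users" tree: a throwaway directory with one file.
my $base = tempdir(CLEANUP => 1);
mkdir "$base/alice" or die "mkdir: $!";
open my $fh, '>', "$base/alice/notes.txt" or die "open: $!";
print {$fh} "sample\n";
close $fh;

my @listing = list_plain_files("$base/alice");
print "listing: @listing\n";

# Step 1: find out which piece of the path carries the taint.
my $raw_path = "$base/$subcookie/$checked_file";
print "tainted parts: ", join(', ', tainted_parts(
    base => $base, subcookie => $subcookie, checked_file => $checked_file)), "\n";
print "raw path tainted: ", (tainted($raw_path) ? 'yes' : 'no'), "\n";

# Step 2: untaint each untrusted piece, refusing anything off the whitelist.
my $clean_sub  = untaint($subcookie);
my $clean_file = untaint($checked_file);
defined $clean_sub && defined $clean_file or die "refusing untrusted name\n";

# Step 3: only a path built from untainted pieces is accepted by unlink under -T.
my $path = "$base/$clean_sub/$clean_file";
print "clean path tainted: ", (tainted($path) ? 'yes' : 'no'), "\n";
unlink $path or die "unlink $path: $!";
print "removed: ", (-e $path ? 'no' : 'yes'), "\n";
```

Run it as `perl -T example.pl` (or directly via the #! line); perl refuses to start with "Too late for -T" if the switch is on the shebang but missing from the command line. The tainted_parts call is the diagnostic step: it names the variable that is still tainted, which is the question the thread is circling around, while the literal base directory never shows up there because string literals are not tainted.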

Follow up
by Andre_br (Pilgrim) on Apr 10, 2005 at 02:12 UTC
    Hey Postulant,

    Thanks for the tips on the regexp. But, as Perl doesn't mind about the regexp I use, for what concerns -T, I still wonder what's wrong. The "." and ".." are properly skipped, because I only run the unlink if the checked file variable is defined.

    I was wondering: may the problem be the path??

    In the command, unlink "../users/$subcookie/$checked_file", both $subcookie and $checked_file have been untainted. The only thing this command still relies on is the path! How can I clean up the path??

    (It's strange that this path wasn't a problem before, when I even opened files for writing and stuff; maybe unlink is more demanding about security, don't know...) Any hints?

    Thanks a lot

    André

      The important part of my earlier reply was the bit about Scalar::Util::tainted (which I would just repeat now); the stuff about the regexps was just BTW.

      the lowliest monk