in reply to Plz help w/ taint issue while copying dir contents

All of @list is tainted. You really should read perlsec
All command line arguments, environment variables, locale information (see perllocale), results of certain system calls (readdir(), readlink(), the variable of shmread(), the messages returned by msgrcv(), the password, gcos and shell fields returned by the getpwxxx() calls), and all file input are marked as "tainted".

MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"
I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).
** The third rule of perl club is a statement of fact: pod is sexy.

  • Comment on Re: Plz help w/ taint issue while copying dir contents

Replies are listed 'Best First'.
Re^2: Plz help w/ taint issue while copying dir contents
by polettix (Vicar) on Apr 12, 2005 at 09:37 UTC
    Isn't 
       my @list = <$dir1/*.*>;

    [download]
    a file input instead of a readdir()?

    Flavio (perl -e "print(scalar(reverse('ti.xittelop@oivalf')))")

    Don't fool yourself.
[reply]
[d/l]
      No, it isn't (and even if it was, its external input, still tainted).
      perl -le" print for <*.*> "
      `perldoc -f glob'

      MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"
      I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).
      ** The third rule of perl club is a statement of fact: pod is sexy.

[reply]
[d/l]
        I read this construct in a post some time ago and figured out it was some cool file input. Next time it's better I read carefully instead of figuring out :)

        Flavio (perl -e "print(scalar(reverse('ti.xittelop@oivalf')))")

        Don't fool yourself.
[reply]

In Section Seekers of Perl Wisdom