in reply to Re: (Ovid) Re: A Quest for Taint
in thread A Quest for Taint

This is more than just something that would be 'nice' to have. I'm working hard to get perl accepted as a approved development language where I work, and insisting on taint mode is a big key on selling perl security.

We are a large corporation with tons of beaurocratic steps at every phase of development, staging, and production. We have one brave development group that's pushing forward with a huge perl dependant application that's just hit a huge problem with taint mode.

The application is actually part of numerous enviornments so the paths to the libraries change with each execution depending upon $ENV{USR_LOCAL_LIB_PATH}. With no way to untaint the $ENV{USR_LOCAL_LIB_PATH} prior to execution time there is no way to update the @INC at compile time.

The only way I can see around this is to establish separate perl binaries/libraries for each enviornment... not an easy thing to do with separate sysadmin, security, and development beaurocracies all with hands mucking up the machinery of progress.

I don't suppose anyone see's another way around this? (Hardcoding the lib paths is NOT an option.)

coreolyn Duct tape devotee.
-- That's OO perl, NOT uh-oh perl !-)

Replies are listed 'Best First'.
Re: Re: Re: (Ovid) Re: A Quest for Taint
by chipmunk (Parson) on Dec 13, 2000 at 10:49 UTC
    I'm having trouble understanding the issue here... $ENV{USR_LOCAL_LIB_PATH} has to be set at compile time, or you wouldn't be able to update @INC at compile time anyway. So, if $ENV{USR_LOCAL_LIB_PATH} is set at compile time, why can't you untaint it at compile time?
[reply]

      Because you can't run a regex against the variable to untaint the value until execution time.

      Maybe I can give a better explanation of what's going on here:
      The overall application has an Environment variable pointing to the root of a filesystem/application tree. Lets call it good ol $ENV{FOO}. So far so good, but the perl script needs to pull in a library that is relative to $ENV{FOO}. Let's call that "/bar/lib". There is no way under perl -T that I can call 'use lib "$ENV{FOO}/bar/lib"' because I cannot clear the taint from $ENV{FOO} at compile time.

      Hmmm too much english here's some code:

      #! /usr/bin/perl -T
$DEZVAR = $ENV{CRROOTWSDIR};

if ($CRROOTWSDIR =~ /^([-\/\w.]+)$/) #Can't evaluate this 
      {                              #until execution
         $MAINPATH = $1
       }
else
      {
        die "Invalid path, please check setenv";
       }

$LIB = "$MAINPATH/cr/cds/comms/x2p";

use lib $LIB; #Must be available at compiletime

blah;
blah;
blah;

      [download]

      coreolyn Duct tape devotee.
      -- That's OO perl, NOT uh-oh perl !-)

[reply]
[d/l]
        Ah, but that's what BEGIN blocks are for. BEGIN { } blocks are executed at compile time.

        #! /usr/bin/perl -T
BEGIN {
  $DEZVAR = $ENV{CRROOTWSDIR};

  if ($CRROOTWSDIR =~ /^([-\/\w.]+)$/) {
    $MAINPATH = $1
  } else {
    die "Invalid path, please check setenv";
  }

  $LIB = "$MAINPATH/cr/cds/comms/x2p";
}

use lib $LIB;

blah;
blah;
blah;

        [download]
        The important thing here is that the use lib has to be outside the BEGIN block. If it were inside, it would be executed while the BEGIN block was being compiled, not while it was being executed.

        Other useful blocks include: END {}, executed when your program is about to exit; CHECK {}, executed after your program has been compiled; and INIT {}, executed before your program starts running. The difference between the latter two is that perl -c will execute CHECK {} blocks, but not INIT {} blocks. CHECK {} was added in 5.6.0.

        UPDATE: I don't know why, but BEGIN et al. are documented in perlmod. Thanks to merlyn for pointing me there!

[reply]
[d/l]

In Section Seekers of Perl Wisdom