The important point is that your code should check whether the file deletion has succeeded, and that if it has failed it should print an error message.
use CGI qw(param);
my $thef = param('f');
my $ful  = "../../alpha/tempf/" . $thef;
# die writes to STDERR, which the webserver collects in its error log
unlink($ful) or die "Couldn't unlink($ful): $!";
The error message will show up in your webserver's error log.
If the filename printed is what you expect it to be, and you can't work out from the error message what the actual problem is, we can help you with that. But you will have to tell us what the error message is.
Thank you, that solved it for me! I thought the error was to appear on screen. I spent so much time working at this.
The error I got for your line was:
Insecure dependency in unlink while running with -T switch at dfl.pl line 42.
What exactly this means or why I had the -T switch on in the first place I don't know, but I removed it and my file disappeared!!
If you know offhand what this all means I would like to hear but many thanks!
David
The "-T switch" is Perl's mechanism to make your programs more secure. If the taint switch is on, Perl will refuse to carry out operations which are possibly insecure. Someone with bad ideas might construct a link to an important file into the URL and then that file would be deleted. All user input is considered unsafe unless you untaint it by running it through a regex (which supposes that at least you have given the danger some thought). Everything touched by a tainted piece of data gets tainted as well. By switching off the taint switch you have now opened your web application for attacks.
CountZero "A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James
To expand a bit on CountZero's reply, taint mode (-T) protects you from inadvertently writing a script that allows malicious abuse to be too easy. If you have specific expectations about the file(s) that should properly be deleted by this script in response to a CGI parameter that it receives, then you need to test that the value of the "f" parameter matches those expectations as explicitly as possible before you pass that parameter value to the "unlink()" function.
For example, if you know that proper file deletion requests must involve only files in a specific directory, and even better, if you know there is a specific pattern to the file names to be deleted, then your cgi script should be set up so that the browser sends a value for the "f" parameter that includes only the file name, or only the "variable" (user specified) portion of the file name. If the parameter value from the browser contains anything else (e.g. a directory path with slashes), you ignore the request -- you only do the unlink if the parameter value meets specific conditions, and you supply the directory path (and any fixed/pre-established portions of the file name) for the unlink call.
Without those checks and controls, a hacker who is lucky or knowledgeable enough to figure out file paths/names that the web-server "user" has permission to delete would be able to delete those other files, despite you having no intention to delete them.
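The approach described in the reply above, written out as an added example (not code from the thread or from any of its posters): the script runs under -T, accepts only a bare file name matching a fixed pattern, untaints it by capturing from the regex, and supplies the directory itself. The `job\d{1,6}\.tmp` naming pattern and the `../../alpha/tempf` directory are assumptions for the example.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use CGI qw(param);

# Assumed layout for this example: deletable files live in one fixed
# directory and are named like "job123.tmp". Adjust the pattern to your own.
my $dir = "../../alpha/tempf";

sub safe_unlink {
    my ($raw) = @_;

    # Accept only a bare file name of the expected shape. Anything containing
    # slashes, "..", or other characters fails the match and is refused.
    # Capturing into $1 is what marks the value as untainted under -T.
    unless (defined $raw && $raw =~ /\A(job\d{1,6}\.tmp)\z/) {
        return (0, "refused: parameter 'f' does not match the expected name pattern");
    }
    my $name = $1;              # untainted copy of the validated name
    my $path = "$dir/$name";    # directory comes from the script, never from the client

    unlink($path) or return (0, "Couldn't unlink($path): $!");
    return (1, "deleted $path");
}

my ($ok, $msg) = safe_unlink(scalar param('f'));

print "Content-Type: text/plain\r\n\r\n";
print $ok ? "OK\n" : "Error\n";

# Detail (including the resolved path) goes to the webserver's error log,
# not back to the browser.
warn "$msg\n";
```

With the pattern above a request such as `f=../secret.cfg` never reaches unlink, while `f=job42.tmp` deletes only the file of that name inside the fixed directory.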