$file = "/tmp/emaildata." . time . ".txt";

..code to file the file with data..

$lineprinter = new Net::Printer(
                                  filename    => $file,
                                  printer     => "lpr",
                                  server      => "172.16.0.166",

                                  port        => 515,
                                  lineconvert => "YES"
                                );
$result = $lineprinter->printfile();
[download]

You're not looking at it from the point of view of taint checking. Taint-checking is telling you that one of the 2 arguments to bind (probably the second) is "insecure".

Looking at the source of Net::Printer, I now see the problem: Line 534 of Printer.pm is our old friend

    if (!(bind($sh, $this))) {
    return "Printer: Error: Cannot bind socket: $!\n";
    } # if !bind($sh, $this)
[download]

Where does $this come from? Line 525 packs it, based on the contents of $thisaddr. That variable is set in line 512 from the return values of gethostbyname($hostname), and $hostname is set at line 500 by the insecure code chop ($hostname = `hostname`);.

It's potentially insecure because it uses a path lookup, and because the value is coming from outside your program. If you're very very sure that hostname will be returning a correct value, you can "untaint" $hostname by the methods discussed in this thread and in perlsec.

Better would be to modify the code to discover the hostname without running another process in backticks.

I have contacted the author of Net::Printer, Chris Fuhrman.


Let's quote a small snippet of his answer:
---cut-here---
What I'm tenatively planning on doing is re-writing
Net::Printer using IO::Socket instead of setting
things up manually. This makes it easier for me to
debug it in the future as well as hopefully
eliminate the
taint problem.
---cut-off---

That's great, I hope he finds the time to finish it
soon.
--
there are no silly questions killerhippy