Re: Re: (ichimunki) Re x3 : disable taint for just one sub

The code is pretty simple, from the script' s view it is like this:

$file = "/tmp/emaildata." . time . ".txt";

..code to file the file with data..

$lineprinter = new Net::Printer(
                                  filename    => $file,
                                  printer     => "lpr",
                                  server      => "172.16.0.166",

                                  port        => 515,
                                  lineconvert => "YES"
                                );
$result = $lineprinter->printfile();
[download]

so it might be the $file, which is making trouble, isn't it? -- there are no silly questions killerhippy

Comment on Re: Re: (ichimunki) Re x3 : disable taint for just one sub Download Code

Replies are listed 'Best First'.
Re: Re: Re: (ichimunki) Re x3 : disable taint for just one sub by ariels (Curate) on Jul 25, 2001 at 19:27 UTC
You're not looking at it from the point of view of taint checking. Taint-checking is telling you that one of the 2 arguments to bind (probably the second) is "insecure". Looking at the source of Net::Printer, I now see the problem: Line 534 of `Printer.pm` is our old friend `if (!(bind($sh, $this))) { return "Printer: Error: Cannot bind socket: $!\n"; } # if !bind($sh, $this)` [download] Where does `$this` come from? Line 525 packs it, based on the contents of `$thisaddr`. That variable is set in line 512 from the return values of `gethostbyname($hostname)`, and `$hostname` is set at line 500 by the insecure code chop ($hostname = `hostname`);. It's potentially insecure because it uses a path lookup, and because the value is coming from outside your program. If you're very very sure that `hostname` will be returning a correct value, you can "untaint" `$hostname` by the methods discussed in this thread and in perlsec. Better would be to modify the code to discover the hostname without running another process in backticks.	[reply] [d/l]
Re: Re: Re: Re: (ichimunki) Re x3 : disable taint for just one sub by khippy (Scribe) on Sep 03, 2001 at 16:56 UTC
I have contacted the author of Net::Printer, Chris Fuhrman. Let's quote a small snippet of his answer: ---cut-here--- What I'm tenatively planning on doing is re-writing Net::Printer using IO::Socket instead of setting things up manually. This makes it easier for me to debug it in the future as well as hopefully eliminate the taint problem. ---cut-off--- That's great, I hope he finds the time to finish it soon. -- there are no silly questions killerhippy	[reply]