in reply to forking question

Your 'Insecure dependency in open while running setuid' comes from taint checking, which is automatically turned on when you run suid, as if you had specified the '-T' flag.

What it means is that all strings from outside sources are viewed with suspicion because they might contain security attacks. Your $good_out and $bad_out filenames contain strings with $ENV{LOGNAME}, and that is the source of the taint. See perlsec for more details. How do you untaint? Here is an example:

    my $logname = $ENV{LOGNAME};       # tainted: comes from the environment
    $logname =~ m/(.*)/;               # regex match; the capture ($1) is not used here
    $logname = quotemeta($logname);    # backslash non-word characters
Then you can interpolate $logname for your file names.

Re: Re: forking question
by cees (Curate) on Feb 20, 2003 at 20:42 UTC

    I think the following code would be more concise:

    my $logname = quotemeta($ENV{LOGNAME});

    In your version the regex does nothing since you don't use the results from it. quotemeta will automatically untaint the variable for you, so you don't need a regex at all. Perhaps it was a typo, and you meant to use quotemeta($1)? Not a big deal, but I thought it was worth mentioning.

    Your explanation for why there was a problem is spot on though...
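As an added illustration of the untainting discussed in both replies above (this is example code written for this page, not the original poster's or cees's), the script below runs under -T, shows that $ENV{LOGNAME} arrives tainted, launders it by capturing from a regex match as perlsec describes, and only then interpolates it into the $good_out and $bad_out file names from the thread. The whitelist character class, the /tmp/ output directory and the file suffixes are assumptions made for this example; the Scalar::Util::tainted check is used only to show the taint flag before and after.

```perl
#!/usr/bin/perl -T
# Run as: perl -T untaint_logname.pl   (the -T must be given on the command line
# or in the #! line; under setuid it is implied, as in the original question)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Launder a login name taken from the environment.
# Returns the untainted value, or dies if it does not match the whitelist.
sub untaint_logname {
    my ($raw) = @_;
    die "LOGNAME is not set\n" unless defined $raw;

    # Untainting happens through the regex capture, not through assignment.
    # The character class is an assumption: a login name is expected to start
    # with a letter, digit or underscore and contain no '/', whitespace or
    # shell metacharacters. Tighten or loosen it to match the site's policy.
    my ($clean) = $raw =~ m{\A([A-Za-z0-9_][A-Za-z0-9_.-]*)\z}
        or die "LOGNAME contains unexpected characters, refusing to use it\n";
    return $clean;
}

my $raw = $ENV{LOGNAME};
printf "raw LOGNAME tainted:       %s\n", tainted($raw) ? 'yes' : 'no';

my $logname = untaint_logname($raw);
printf "untainted logname tainted: %s\n", tainted($logname) ? 'yes' : 'no';

# Now the value can be interpolated into file names without tripping
# "Insecure dependency in open while running with -T switch".
# /tmp/ and the .good/.bad suffixes are placeholders for this example.
my $good_out = "/tmp/$logname.good";
my $bad_out  = "/tmp/$logname.bad";

# Three-argument open: the mode is fixed here, so the file name can never be
# reinterpreted as a pipe or redirection even if the whitelist were relaxed.
for my $path ($good_out, $bad_out) {
    open(my $fh, '>', $path) or die "Cannot open $path: $!\n";
    print {$fh} "written by untaint_logname example\n";
    close($fh) or die "Cannot close $path: $!\n";
    print "wrote $path\n";
}
```

Note the difference from the one-line version in the first reply: the match result is assigned (`my ($clean) = $raw =~ m{...}`), so the laundered value is the capture, and the pattern is a whitelist rather than `(.*)`, which would accept anything and defeat the purpose of taint checking.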