Re: Homegrown Pseudo-Tainting

• You can't use -T ... What do you do now?

You do the same thing you would do it you could use -T. You scrub incoming data before using it for anything potentially risky.

Comment on Re: Homegrown Pseudo-Tainting

Replies are listed 'Best First'.
Re: Re: Homegrown Pseudo-Tainting by oubiwann (Sexton) on Mar 15, 2002 at 07:03 UTC
Right, that's what I'm talking about - what are your favorite regex's or other methods for protecting your shell from user input? (sorry, I should have been more explicit)	[reply]
Re: Re: Re: Homegrown Pseudo-Tainting by dws (Chancellor) on Mar 15, 2002 at 07:31 UTC
what are your favorite regex's or other methods for protecting your shell from user input? Test for exactly what I expect, and reject anything else. The test depends on the data.	[reply]