Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re: Re: Trojan Horse? (taint mode)

by quinkan (Monk)
on Nov 26, 2001 at 05:33 UTC ( #127457=note: print w/ replies, xml ) Need Help??


in reply to Re: Trojan Horse? (taint mode)
in thread Trojan Horse? (taint mode)

The only way this is going to come and cause us grief is if we eval $a ?

But pause to consider that someone playing with your CGI script has managed to get output redirected to an executable shell script.... Which is often the aim of a malicious hack. If you don't want naughty words appearing in, for example, your system initialisation scripts, it might be a good idea to untaint everything input.


Comment on Re: Re: Trojan Horse? (taint mode)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://127457]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (7)
As of 2014-07-13 11:16 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    When choosing user names for websites, I prefer to use:








    Results (249 votes), past polls