Re: Re: Trojan Horse? (taint mode)


The stupid question is the question not asked
	PerlMonks

Re: Re: Trojan Horse? (taint mode)

by quinkan (Monk)

on Nov 26, 2001 at 05:33 UTC ( #127457=note: print w/ replies, xml )

Need Help??

in reply to Re: Trojan Horse? (taint mode)
in thread Trojan Horse? (taint mode)

The only way this is going to come and cause us grief is if we eval $a ?

But pause to consider that someone playing with your CGI script has managed to get output redirected to an executable shell script.... Which is often the aim of a malicious hack. If you don't want naughty words appearing in, for example, your system initialisation scripts, it might be a good idea to untaint everything input.

Comment on Re: Re: Trojan Horse? (taint mode)

In Section Seekers of Perl Wisdom

Node Status^?

node history
Node Type: note [id://127457]
help

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others having an uproarious good time at the Monastery: (6)

As of 2013-05-19 02:15 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

The best material for plates (tableware) is:

Results (396 votes), past polls