Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Turning on Taint in mod_perl after compile time or in specific packages only?

by Withigo (Friar)
on Aug 07, 2008 at 20:45 UTC ( #702993=perlquestion: print w/ replies, xml ) Need Help??
Withigo has asked for the wisdom of the Perl Monks concerning the following question:

Dear Monks,
I was wondering if there was any way to turn on taint mode after perl has started running, and only inside certain packages? I'm interested in knowing how theoretically possible this would be even if the only ways involve XS hacking or modifying the perl source.

There are very specific reasons beyond my control for why I cannot just enable taint mode globally, so I'm looking for alternative substitutes or modules.

Thanks!

Comment on Turning on Taint in mod_perl after compile time or in specific packages only?
Re: Turning on Taint in mod_perl after compile time or in specific packages only?
by Rhandom (Curate) on Aug 07, 2008 at 21:57 UTC
    <Superhero> This looks like a job for Taint::Runtime </Superhero>

    Update: I should've been more specific. You should use prefork rather than worker. If you use worker, then yes, you will have to deal with a single thread and you can't do much. In a prefork model - every forked interpreter will only deal with one request at a time. The code then to handle this with Taint::Runtime would be:

    use Taint::Runtime qw($TAINT taint_env taint_deep); sub my_handler { local $TAINT = 1; taint_env(); taint_deep(\%other_items); ... }


    Taint::Runtime documentation goes into detail about why it is a bad idea to do runtime tainting. But just because it is bad in general cases doesn't mean it is bad in thoroughly covered cases. The big danger is making sure data streams that were set up prior to the handler invocation are properly tainted.

    my @a=qw(random brilliant braindead); print $a[rand(@a)];
      ... not sure which I like the most - the answer or your sig :-))

      A user level that continues to overstate my experience :-))
Re: Turning on Taint in mod_perl after compile time or in specific packages only?
by perrin (Chancellor) on Aug 07, 2008 at 21:59 UTC
    No, there is not. There's only one Perl interpreter per process/thread in a persistent environment like mod_perl, and taint is either on or not.

    UPDATE: One workaround would be to run multiple mod_perl backends, one with taint on and one with taint off, and send requests to the appropriate one through your front-end proxy.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://702993]
Approved by Corion
Front-paged by Corion
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (18)
As of 2014-08-22 19:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best computer themed movie is:











    Results (163 votes), past polls