in reply to Re: Vulnerabilities when editing untrusted code... (Komodo)
in thread Vulnerabilities when editing untrusted code... (Komodo)
lanx@nc10-ubuntu:~$ cat >/tmp/tst.pl exit; ''=~('(?{B'.'EGIN{print "owned\n"}})') lanx@nc10-ubuntu:~$ perl /tmp/tst.pl owned lanx@nc10-ubuntu:~$ perl -c /tmp/tst.pl /tmp/tst.pl syntax OK
A syntax check doesn't execute your code!
UPDATE:
corrected test:
lanx@nc10-ubuntu:/tmp$ cat >tst.pl exit; ''=~('(?{B'.'EGIN{print "owned"}})') lanx@nc10-ubuntu:/tmp$ cat tst.pl exit; ''=~('(?{B'.'EGIN{print "owned"}})') lanx@nc10-ubuntu:/tmp$ perl -c tst.pl tst.pl syntax OK ownedlanx@nc10-ubuntu:/tmp$
WOW! 8(
Cheers Rolf
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^3: Vulnerabilities when editing untrusted code... (Komodo)
by Fox (Pilgrim) on Jul 01, 2010 at 11:59 UTC | |
by LanX (Saint) on Jul 01, 2010 at 12:21 UTC |
In Section
Meditations