Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re^4: To taint or not to taint?

by clinton (Priest)
on Mar 19, 2009 at 15:44 UTC ( #751762=note: print w/ replies, xml ) Need Help??


in reply to Re^3: To taint or not to taint?
in thread To taint or not to taint?

Makes sense.

Which has made me think, I could change my config loader to automatically untaint all the data it loads from a file if the file is writable only by the current user, no?


Comment on Re^4: To taint or not to taint?
Re^5: To taint or not to taint?
by tilly (Archbishop) on Mar 19, 2009 at 15:46 UTC
    That would be a perfectly reasonable change for any non-suid script. Because any damage that can be done by changing that file can be done more easily directly without using your script.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://751762]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (13)
As of 2015-07-01 21:46 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (22 votes), past polls