Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot

Re^4: To taint or not to taint?

by clinton (Priest)
on Mar 19, 2009 at 15:44 UTC ( #751762=note: print w/ replies, xml ) Need Help??

in reply to Re^3: To taint or not to taint?
in thread To taint or not to taint?

Makes sense.

Which has made me think, I could change my config loader to automatically untaint all the data it loads from a file if the file is writable only by the current user, no?

Comment on Re^4: To taint or not to taint?
Replies are listed 'Best First'.
Re^5: To taint or not to taint?
by tilly (Archbishop) on Mar 19, 2009 at 15:46 UTC
    That would be a perfectly reasonable change for any non-suid script. Because any damage that can be done by changing that file can be done more easily directly without using your script.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://751762]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (6)
As of 2015-11-29 17:38 GMT
Find Nodes?
    Voting Booth?

    What would be the most significant thing to happen if a rope (or wire) tied the Earth and the Moon together?

    Results (751 votes), past polls