Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Re^6: Runtime Taint Enable

by Rhandom (Curate)
on Feb 24, 2005 at 18:37 UTC ( [id://434180]=note: print w/replies, xml ) Need Help??


in reply to Re^5: Runtime Taint Enable
in thread Runtime Taint Enable

So the question is - how did those files get on the system. Most likely they are user files created in some user usable process/cgi - so the filenames themselves would be considered user data and *hopefully* taint mode would be enabled before dealing with user data. If it isn't user data from a user usable process - then it might be a good idea at this point to check for rootkits.

Either way - things might be legitimate on this box - these may be perfectly legal files. The process just needs to be sure to enable taint mode before doing such horridly taint unsafe operations.

It seems the higher the risk, or the more unknown the modules are that are being used, the closer to the beginning of the script that taint mode should be enabled. In a setuid situation it should probably be so close the beginning of the script that you use the -T.

Oh - I see you untainted - so tainting doesn't matter. Well there are a few things going in your favor. First - for this operation to work you had to be chrooted into the directory or else rm $file isn't going to work. That, or the filename returned by the <*> is going to contain the full filename /path/to/file/-rf which will most likely just give an error. So this case probably wasn't a tragedy. There are worse filenames though that certainly would cause trouble like "foo; rm -rf /" (The entire quoted string is the filename). This then becomes an issue not of taint/untaint but vs sane programming practices - such as using unlink and rmdir and File::Path::rmtree and avoiding system and exec were possible. And certainly not blindly untainting things "we" trust.

As a foot note - I've managed to create files like that before (on accident) and getting rid of them is a pain (without perl). But, in a production environment, people with the ability to put such files in places that will get read and actually do put such files in those places - those people ought to have access revoked. The hand creating of such a file indicates that much worse things almost happened at the file creation.

Again - thanks for your cautionary reponse. I agree. ++

my @a=qw(random brilliant braindead); print $a[rand(@a)];

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://434180]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others goofing around in the Monastery: (4)
As of 2024-03-29 13:10 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found