On Sun, Aug 19, 2001 at 04:12:00PM -0500, Me ([EMAIL PROTECTED]) spew-ed forth:
>
> <sermon>
[snipped]
> </sermon>
<soapbox>
I don't find that very helpful. First, I would consider this flaim-bait,
which isn't appropriate for this list. Second, we have no idea what he
needs this for, and it is unfair to give this 'sermon'. If someone asks
a vague and newbie-like question about socket programming, I wouldn't
assume they are trying to write code to scan and attack other boxen.
My 'guess' would give him a little more credit, and think he either
misunderstands the need for untainting, or really just wants to try to
match what may be a UNIX password.
</soapbox>
Now, to hopefully help this person... I'd want to ask if the system this
is being written for has any rules for passwords. For example, do you
limit them to 6-10 characters, do you disallow any characters, do you
make sure they contain at least 1 digit, etc.... This would help
determine what pattern would match what you need.
Also, are you really *needing* to untaint data, or do you really need to
simply match what you are expecting. I guess it would help if we had
some info on the application. You may also want to read the perlre and
perlsec documentation.
Cheers,
Kevin
--
[Writing CGI Applications with Perl - http://perlcgi-book.com]
"We all agree on the necessity of compromise. We just can't agree on
when it's necessary to compromise."
--Larry Wall in <[EMAIL PROTECTED]>
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
