>>>>> "Bill" == Bill McKinnon <[EMAIL PROTECTED]> writes:
>> Perl's open will dup other file descriptors if < is followed by &. This
>> isn't as potentially problematic as forking commands, but there may be
>> circumstances where someone could dup a filehandle and cause your script
>> to behave strangely/output sensitive information/etc.
There are two secure opening mechanisms (3 in perl 5.6 forthcoming).
sysopen() emulates the open(2) interface (without the normal magic),
and the following code handles arbitrary filenames to open:
$name = "./$name" unless $name =~ m{^/};
open FILE, "< $name" or die "...";
I believe this has been documented for quite some time. We can't
help people who don't read the docs.
Bill> Interesting. And for the curious, this doesn't seem to be noticed by
Bill> Perl's tainting mechanism, unless I'm misunderstanding something:
Bill> $ perl -T - '&PW'
Bill> open(PW, "/etc/passwd") or die "open(): $!\n";
Taint mode never complains about the data being passed to a filename
open for *input*. The data being read is tainted, however.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
