On Thu, 6 Sep 2001, Gary Benson wrote:
>
> On 6 Sep 2001 [EMAIL PROTECTED] wrote:
>
> > stas 01/09/05 19:36:44
> >
> > Modified: perl-framework/Apache-Test/lib/Apache TestConfig.pm
> > TestConfigParse.pm
> > Log:
> > - enable taint mode in tests via PerlSwitches -T
> > - untaint $ENV{PATH} before using open "-|"
>
> [snip]
>
> > diff -u -r1.7 -r1.8
> > --- TestConfigParse.pm 2001/08/20 15:20:50 1.7
> > +++ TestConfigParse.pm 2001/09/06 02:36:44 1.8
> > @@ -220,6 +220,8 @@
> >
> > my $version;
> > my $cmd = "$httpd -v";
> > + # untaint
> > + $ENV{PATH} = '/bin:/usr/bin';
> > open my $v, '-|', $cmd or die "$cmd failed: $!";
> >
> > local $_;
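Review bot: `$ENV{PATH} = '/bin:/usr/bin';` in this hunk overwrites the caller's PATH for the rest of the process rather than just for this one `open`; `local $ENV{PATH} = '/bin:/usr/bin';` restores it when the enclosing block exits. The taint check a piped open performs under -T is also not limited to PATH: perlsec documents that tainted IFS, CDPATH, ENV and BASH_ENV trip the same check, so `delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};` belongs next to the PATH assignment. The `# untaint` comment could also say why (taint mode refuses a piped open while $ENV{PATH} is tainted), since an absolute `$httpd` path is a natural source of confusion here.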
>
> This breaks on mine even though $httpd is an absolute path at this point.
You mean if you don't add the patch from above?
> I'm not familiar enough with Perl to know why this should be, but is there
> a better way (like $ENV{PATH} = '/bin:/usr/bin' unless $httpd =~ m:^/:;)?
> Would that successfully untaint it?
It's not about being an absolute path or not; it's about opening "-|", which
is insecure if $ENV{PATH} is not untainted.
> I can't tell, since mine doesn't complain about it being tainted at this
> point and I can't figure out a way to make it do so. Why do you need to
> untaint here anyway? Is this something from mod_perl? I'm confused!
What's your Perl version? perl -v ?
It has nothing to do with mod_perl; it's a pure Perl issue (a good one :)
For more information please read the perlsec manpage:
% perldoc perlsec
or as the mod_perl guide suggests:
http://perl.apache.org/guide/help.html#Get_help_with_Perl_CGI:
http://www.gunther.web66.com/FAQS/taintmode.html
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:[EMAIL PROTECTED] http://apachetoday.com http://eXtropia.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
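The behaviour Stas describes, shown as an added example (Perl, not code from the Apache-Test patch or from either poster): run it with `perl -T`, and the first open dies on the inherited PATH while the second, with %ENV cleaned as perlsec prescribes, succeeds. `$httpd` is a constructed stand-in for the httpd binary.

```perl
#!/usr/bin/perl -T
# Added example: why a piped open needs a cleaned %ENV under taint mode,
# and how to scope that cleanup. Not part of the Apache-Test patch.
use strict;
use warnings;

# Constructed stand-in for $httpd. An absolute path does not help here,
# because the taint check is on %ENV, not on the command string.
my $httpd = '/usr/bin/perl';
my $cmd   = "$httpd -v";       # built from a literal, so itself untainted

# Same shape as the pre-patch Apache-Test code: the pipe open runs with
# whatever PATH the process inherited. Under -T every %ENV value is
# tainted, so this dies with "Insecure $ENV{PATH} while running with -T".
sub version_naive {
    open my $v, '-|', $cmd or die "$cmd failed: $!";
    my $out = join '', <$v>;
    close $v;
    return $out;
}

# Hardened form: assign PATH from a literal (untainted), scoped with local()
# so the caller's PATH is restored on return, and drop the other variables
# perlsec lists as checked before a subprocess is started.
sub version_untainted {
    local $ENV{PATH} = '/bin:/usr/bin';          # absolute dirs only
    delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};     # as in perlsec's example
    open my $v, '-|', $cmd or die "$cmd failed: $!";
    my $out = join '', <$v>;
    close $v;
    return $out;
}

my $naive = eval { version_naive() };
print "naive open: ", (defined $naive ? "ok\n" : "died: $@");
print "untainted open: ", version_untainted();
```

Without the -T switch both opens succeed, which is why a test suite that does not enable taint mode (as Gary's did) never sees the failure.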