On Dec 9, 2008, at 10:30 PM, John E. Malmberg wrote:
> Tainting DCL$PATH has no effect on Perl on VMS.
But DCL$PATH will be used by DCL after invoking system() or backticks
in a manner very similar to how PATH is used on other systems.
Tainting is specifically designed to handle just such interactions
with the outside world.
> That logical name is not currently used internal to Perl so it never
> gets checked to see if it is tainted.
Check again:
$ search *.c dcl$path
******************************
D0:[CRAIG.perl]mg.c;1
if (s && klen == 8 && strEQ(ptr, "DCL$PATH")) {
do { /* DCL$PATH may be a search list */
******************************
D0:[CRAIG.perl]taint.c;1
char name[10 + TYPE_DIGITS(int)] = "DCL$PATH";
len = my_sprintf(name,"DCL$PATH;%d", i);
taint_proper("Insecure %s%s", "$ENV{DCL$PATH}");
taint_proper("Insecure directory in %s%s", "$ENV{DCL$PATH}");
******************************
D0:[CRAIG.perl]util.c;1
(!hasdir && my_trnlnm("DCL$PATH",tmpbuf,idx++)) )
________________________________________
Craig A. Berry
mailto:[EMAIL PROTECTED]
"... getting out of a sonnet is much more
difficult than getting in."
Brad Leithauser