Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re: Insecure dependency

by davido (Cardinal)
on Sep 03, 2020 at 04:31 UTC ( #11121313=note: print w/replies, xml ) Need Help??


in reply to Insecure dependency

Stop what your're doing and think for a moment why taint mode would object to your use of $upload_dir or $file. Are those coming from user input? Why would accepting file paths from the user, and using two-arg open be considered high risk behavior? Until you've answered those questions, you shouldn't blindly untaint them.


Dave

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://11121313]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (4)
As of 2021-01-27 23:32 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Notices?