Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re^4: Any security holes?

by ikegami (Patriarch)
on Jun 27, 2022 at 21:54 UTC ( [id://11145120]=note: print w/replies, xml ) Need Help??


in reply to Re^3: Any security holes?
in thread Any security holes?

encode_entities($s) would do

Replies are listed 'Best First'.
Re^5: Any security holes?
by Limbomusic (Acolyte) on Jun 28, 2022 at 06:40 UTC
    Thanx - thats also what LanX suggested so my script is now this: 
    #!C:\Perl64\site\bin\perl.exe
use strict;
use warnings;
use HTML::Entities;
use CGI;

my $cgi = CGI->new();

my $nick = $cgi->param('nick');
my $pic = $cgi->param('pic');
my $say = $cgi->param('say');
my $likes = $cgi->param('likes');
my $fav = $cgi->param('fav');
my $car = $cgi->param('car');
my $age = $cgi->param('age');
my $town = $cgi->param('town');
my $drink = $cgi->param('drink');
my $wpage = $cgi->param('wpage');

encode_entities($_)
   for $nick, $pic, $say, $likes, $fav, $car, $age, $town, $drink, $wp
+age;

open(my $fh, '>>', 'drivers.html');
print "Content-type:text/html\r\n\r\n";
print $fh "<b>$nick</b><br><img src='$pic' width='250' height='auto' b
+order='2'><br><br>Says <b>$say</b><br>Likes <b>$likes</b><br>Favorite
+ vehicle <b>$fav</b><br> Real life car/vehicle <b>$car</b><br>Age <b>
+$age</b><br>Hometown <b>$town</b><br>Favorite drink <b>$drink</b><br>
+<b><a href='$wpage'>$wpage</a></b><HR color=#008000 SIZE=2>\n";
print "<html><head><meta http-equiv = 'refresh' content = '0; url = dr
+ivers.html' /></head>";
close $fh;

    [download]
    I also tried using -T (taint) after the shebang line but then I just get 500 Internal error - any idea why?
[reply]
[d/l]
      I also tried using -T (taint) after the shebang line but then I just get 500 Internal error - any idea why?

      Your script attempts to write tainted data to the filesystem. Running in taint mode protects you from doing this which is a very good reason to run in taint mode. See your web server's error log for more detail.

      Update: As in the replies, there is no reason why your script as posted would not run under taint mode. I too have just tried it and it works fine.

      🦛

[reply]
        Your script attempts to write tainted data to the filesystem. Running in taint mode protects you from doing this ...

        This is not how taint mode works. You can write tainted data to the file system just fine. It is passing tainted data to the OS (via the file system, starting processes and the like) where taint mode kicks in.

        A frequent path to taint failures is whenever environment variables like e.g. $ENV{HOME} or $ENV{TMP} are used by Perl modules. This may also differ between platforms. For example, my current Linux desktops don't even have $ENV{TMP} defined, whereas on Windows it is usually set.

[reply]

        Running in taint mode protects you from doing this

        No it doesn't.

        Taint prevents code execution. While writing to disk could eventually lead to it getting executed, it's too far removed for taint purposes.

        The posted program runs fine in taint mode.

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://11145120]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chilling in the Monastery: (2)
As of 2024-04-24 17:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found