elbie has asked for the wisdom of the Perl Monks concerning the following question:
I'm just starting to play around with the taint -T switch in some of my programs, and I'm trying to figure out what gets marked as taintet, and what doesn't.
One thing that I am puzzled over is the behaviour of the glob angle brackets. I have an extremely simple example that complains Insecure dependency in glob while running with -T switch at ./taintglob.pl line 5.
#! /usr/bin/perl -wT use strict; delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; my @entries = </var/www/htdocs/*.html>;
Seems straightforward enough. I found an old node that seems related, and in fact the parent node (as well as perlsec)indicates that this is supposed to happen (in perl 5.005_3, at least, which I am using).
So how do I get around this? File::Glob doesn't seem to exist for 5.5. Is there another module I can use? Am I missing something?
elbieelbieelbie
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Newbie Tainted glob question
by chipmunk (Parson) on Oct 24, 2001 at 20:42 UTC | |
Re: Newbie Tainted glob question
by tachyon (Chancellor) on Oct 24, 2001 at 20:43 UTC | |
Re: Newbie Tainted glob question
by Albannach (Monsignor) on Oct 24, 2001 at 20:35 UTC | |
Re: Newbie Tainted glob question
by DamnDirtyApe (Curate) on Oct 25, 2001 at 02:30 UTC | |
by blakem (Monsignor) on Oct 25, 2001 at 02:58 UTC | |
by elbie (Curate) on Oct 25, 2001 at 05:37 UTC | |
by DamnDirtyApe (Curate) on Oct 25, 2001 at 08:22 UTC | |
by blakem (Monsignor) on Oct 25, 2001 at 11:25 UTC |
Back to
Seekers of Perl Wisdom