X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=pod%2Fperlsec.pod;h=1c2dbd266d47e819b6cf12e262647a92e6596126;hb=890ed176d1ab1cf305ce9634210857cfed305fff;hp=d5effd90dbfd45f430aeb177722f5841bc96f089;hpb=0d7c09bbda3e156731933b5a499b81784cf6adf2;p=p5sagit%2Fp5-mst-13.2.git

diff --git a/pod/perlsec.pod b/pod/perlsec.pod
index d5effd9..1c2dbd2 100644
--- a/pod/perlsec.pod
+++ b/pod/perlsec.pod
@@ -44,14 +44,6 @@ directories, or processes, B<with the following exceptions>:
 
 =item *
 
-If you pass more than one argument to either C<system> or C<exec>,
-the arguments are checked for taintedness B<but> the operation will still
-be attempted, emitting an optional warning.  This will be fatal in a 
-future version of perl so do not rely on it to bypass the tainting 
-mechanism.
-
-=item *
-
 Arguments to C<print> and C<syswrite> are B<not> checked for taintedness.
 
 =item *
@@ -92,7 +84,7 @@ For example:
     $data = 'abc';		# Not tainted
 
     system "echo $arg";		# Insecure
-    system "/bin/echo", $arg;	# Allowed but considered insecure
+    system "/bin/echo", $arg;	# Considered insecure
 				# (Perl doesn't know about /bin/echo)
     system "echo $hid";		# Insecure
     system "echo $data";	# Insecure until PATH set
@@ -110,7 +102,7 @@ For example:
 
     open(FOO,"echo $arg|");	# Not OK
     open(FOO,"-|")
-	or exec 'echo', $arg;	# Allowed but not really OK
+	or exec 'echo', $arg;	# Also not OK
 
     $shout = `echo $arg`;	# Insecure, $shout now tainted
 
@@ -118,8 +110,8 @@ For example:
     umask $arg;			# Insecure
 
     exec "echo $arg";		# Insecure
-    exec "echo", $arg;		# Allowed but considered insecure
-    exec "sh", '-c', $arg;	# Considered secure, alas!
+    exec "echo", $arg;		# Insecure
+    exec "sh", '-c', $arg;	# Very insecure!
 
     @files = <*.c>;		# insecure (uses readdir() or similar)
     @files = glob('*.c');	# insecure (uses readdir() or similar)
@@ -133,10 +125,7 @@ For example:
     $arg, `true`;		# Insecure (although it isn't really)
 
 If you try to do something insecure, you will get a fatal error saying
-something like "Insecure dependency" or "Insecure $ENV{PATH}".  Note that you
-can still write an insecure B<system> or B<exec>, but only by explicitly
-doing something like the "considered secure" example above.  This will not
-be possible in a future version of Perl.
+something like "Insecure dependency" or "Insecure $ENV{PATH}".
 
 =head2 Laundering and Detecting Tainted Data
 
@@ -175,7 +164,7 @@ or a dot.
     if ($data =~ /^([-\@\w.]+)$/) {
 	$data = $1; 			# $data now untainted
     } else {
-	die "Bad data in $data"; 	# log this somewhere
+	die "Bad data in '$data'"; 	# log this somewhere
     }
 
 This is fairly secure because C</\w+/> doesn't normally match shell