X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=pod%2Fperlsec.pod;h=2e1fda370406866fc5c51fe782c0f893d2804024;hb=97828cef4d4cd22b548b8ec430d2e0e28ea8ae8c;hp=8616c642d30850b3869f44d08a11303a3cf4d974;hpb=7f6513c1071003ae5bc4d38d5816fd7d293c6346;p=p5sagit%2Fp5-mst-13.2.git diff --git a/pod/perlsec.pod b/pod/perlsec.pod index 8616c64..2e1fda3 100644 --- a/pod/perlsec.pod +++ b/pod/perlsec.pod @@ -44,14 +44,6 @@ directories, or processes, B: =item * -If you pass more than one argument to either C or C, -the arguments are checked for taintedness B the operation will still -be attempted, emitting an optional warning. This will be fatal in a -future version of perl so do not rely on it to bypass the tainting -mechanism. - -=item * - Arguments to C and C are B checked for taintedness. =item * @@ -92,7 +84,7 @@ For example: $data = 'abc'; # Not tainted system "echo $arg"; # Insecure - system "/bin/echo", $arg; # Allowed but considered insecure + system "/bin/echo", $arg; # Considered insecure # (Perl doesn't know about /bin/echo) system "echo $hid"; # Insecure system "echo $data"; # Insecure until PATH set @@ -110,7 +102,7 @@ For example: open(FOO,"echo $arg|"); # Not OK open(FOO,"-|") - or exec 'echo', $arg; # Allowed but not really OK + or exec 'echo', $arg; # Also not OK $shout = `echo $arg`; # Insecure, $shout now tainted @@ -118,8 +110,8 @@ For example: umask $arg; # Insecure exec "echo $arg"; # Insecure - exec "echo", $arg; # Allowed but considered insecure - exec "sh", '-c', $arg; # Considered secure, alas! + exec "echo", $arg; # Insecure + exec "sh", '-c', $arg; # Very insecure! @files = <*.c>; # insecure (uses readdir() or similar) @files = glob('*.c'); # insecure (uses readdir() or similar) 
@@ -133,10 +125,7 @@ For example: $arg, `true`; # Insecure (although it isn't really) If you try to do something insecure, you will get a fatal error saying -something like "Insecure dependency" or "Insecure $ENV{PATH}". Note that you -can still write an insecure B or B, but only by explicitly -doing something like the "considered secure" example above. This will not -be possible in a future version of Perl. +something like "Insecure dependency" or "Insecure $ENV{PATH}". =head2 Laundering and Detecting Tainted Data @@ -390,6 +379,13 @@ Your access to it does not give you permission to use it blah blah blah." You should see a lawyer to be sure your licence's wording will stand up in court. +=head2 Unicode + +Unicode is a new and complex technology and one may easily overlook +certain security pitfalls. See L for an overview and +L for details, and L for security implications in particular. + =head1 SEE ALSO L for its description of cleaning up environment variables.
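Review bot: In the @@ -44,14 +44,6 hunk, deleting the whole bullet leaves this list with no statement about multi-argument calls at all. A reader who relied on the old "checked but still attempted" behaviour only learns of the change from the reworded comments in the examples further down. Consider replacing the bullet with one sentence saying that tainted arguments in the list form are now treated like any other tainted argument, rather than removing it silently.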
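Review bot: In the @@ -92,7 +84,7 hunk, the new comment on `system "/bin/echo", $arg;` reads "Considered insecure", while the equivalent list-form line in the later hunk, `exec "echo", $arg;`, is changed to plain "Insecure". If both forms now fail the taint check in the same way, use the same word in both places; "Considered" reads as if the system case were still only advisory, which is the impression the old "Allowed but" wording gave.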
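Review bot: In the @@ -118,8 +110,8 hunk, `exec "sh", '-c', $arg; # Very insecure!` puts a severity grade into a column of comments that otherwise report the taint check's verdict. The check itself does not distinguish "insecure" from "very insecure", so the line suggests a different outcome from the `exec "echo", $arg; # Insecure` line above it. Suggest "# Insecure" followed by a short parenthetical giving the reason (the tainted string is run by the shell as a command), in the style of the "(uses readdir() or similar)" comments on the glob lines just below.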
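Review bot: The new "=head2 Unicode" section in the @@ -390,6 +379,13 hunk calls Unicode "a new and complex technology", wording that will date quickly, and it names no pitfall itself, only pointers to other documents. Suggest dropping "new" and adding one sentence that states at least one concrete pitfall, so the section is useful without following the links. The section is also unrelated to the taint-check changes in the other hunks and would be easier to review and revert as its own commit.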