X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=pod%2Fperlsec.pod;h=e8d44c3556d8622af0fff2e984d43d41ae7bd8d3;hb=689c5c24fe39a249807e60d4f0bb63f4fcd80b10;hp=622e25fb40ba7cfe2246093f0d842abdd304bbda;hpb=3f7d42d86a70d697ec5a8fca00c89984282b399e;p=p5sagit%2Fp5-mst-13.2.git diff --git a/pod/perlsec.pod b/pod/perlsec.pod index 622e25f..e8d44c3 100644 --- a/pod/perlsec.pod +++ b/pod/perlsec.pod @@ -44,8 +44,8 @@ directories, or processes, B: =item * -If you pass a list of arguments to either C or C, -the elements of that list are B checked for taintedness. +If you pass more than one argument to either C or C, +the arguments are B checked for taintedness. =item * @@ -53,9 +53,10 @@ Arguments to C and C are B checked for taintedness. =back -Any variable set to a value -derived from tainted data will itself be tainted, even if it is -logically impossible for the tainted data to alter the variable. +The value of an expression containing tainted data will itself be +tainted, even if it is logically impossible for the tainted data to +affect the value. + Because taintedness is associated with each scalar value, some elements of an array can be tainted and others not. @@ -107,6 +108,9 @@ For example: # either case the result is tainted since the list of filenames comes # from outside of the program. + $bad = ($arg, 23); # $bad will be tainted + $arg, `true`; # Insecure (although it isn't really) + If you try to do something insecure, you will get a fatal error saying something like "Insecure dependency" or "Insecure $ENV{PATH}". Note that you can still write an insecure B or B, but only by explicitly @@ -121,10 +125,7 @@ nearby CPAN mirror, and included in Perl starting from the release 5.8.0. Or you may be able to use the following I function. sub is_tainted { - return ! eval { - join('',@_), kill 0; - 1; - }; + return ! eval { eval("#" . substr(join("", @_), 0, 0)); 1 }; } This function makes use of the fact that the presence of tainted data
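Review bot: In the first hunk (the `system`/`exec` bullet), "more than one argument" is right about the runtime rule but gives no reason, and a reader may still wonder about `system(@args)` when `@args` happens to hold one element. Suggest stating the rule explicitly, e.g. "If you pass more than one argument to either C<system> or C<exec>, the arguments are B<not> checked for taintedness (the single-argument form is checked because it may be handed to a shell)". Also note that the rendered diff shows bare `C` and `B` where the POD `C<...>`/`B<...>` codes should be; confirm the angle-bracket content survived in the actual file.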
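Review bot: In the second hunk, the added blank `+` line after "affect the value." turns what was one POD paragraph ("... affect the value. Because taintedness is associated with each scalar value ...") into two; if that split is unintended, drop the blank line. The new wording "the value of an expression containing tainted data will itself be tainted" is broader than the old "variable set to a value derived from tainted data" and is the more accurate description of per-expression tainting, so the prose change itself looks good.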
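Review bot: In the third hunk, the two new examples need their comments to say why, since neither is obvious: `$bad = ($arg, 23)` is the comma operator in scalar context, so `$bad` ends up holding 23, yet it is tainted because `$arg` was evaluated in the expression; and `$arg, `true`;` is flagged Insecure even though the command is a constant, because the taint check on the backtick operator applies to the whole statement in which tainted data was evaluated. Suggest, e.g.:
    $bad = ($arg, 23); # $bad is 23, but tainted: $arg was in the expression
    $arg, `true`;      # Insecure: $arg tainted this statement, though `true` is constant
Without that, "(although it isn't really)" reads as a contradiction rather than an explanation of the mechanism the example is meant to show.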
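Review bot: In the fourth hunk, the new `is_tainted` still runs a block `eval` that resets the caller's `$@` on success; add `local $@;` before the `return` so the function does not clobber the caller's error state. The replacement itself is sound and worth a comment in the code: `substr(join("", @_), 0, 0)` yields an empty string that keeps the taint of any tainted argument, and the leading `"#"` makes the string a pure comment, so the string `eval` executes nothing and only trips the "Insecure dependency in eval" check, which is raised before the inner eval frame is entered and is therefore caught by the outer block eval. That also removes the old version's reliance on `kill 0`, which is a nicer property to state in the surrounding text.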