From: Randy J. Ray Date: Wed, 9 Oct 1996 02:24:48 +0000 (-0400) Subject: PATCH: untaint method for IO::Handle, 5.003_06 version X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=515e7bd7b61ce9581ca597e2697aa243300f4a60;p=p5sagit%2Fp5-mst-13.2.git PATCH: untaint method for IO::Handle, 5.003_06 version This is a re-post of my patch to Graham's IO library to add a method in IO::Handle called "untaint", that sets the IOf_UNTAINT flag on an object that is of or inherits from IO::Handle. With this flag set, data read from said handle is not tainted, whether running under -T, suid or sgid. This patch adds the method to IO.xs, adds documentation and warning to the pod of IO/Handle.pm, creates a new test in t/lib called io_taint.t, and adds mention of the new file to MANIFEST. Document IO::Handle::untaint and give warning about the bad things it can do. --- diff --git a/ext/IO/lib/IO/Handle.pm b/ext/IO/lib/IO/Handle.pm index 54b32f4..e4abdd2 100644 --- a/ext/IO/lib/IO/Handle.pm +++ b/ext/IO/lib/IO/Handle.pm @@ -143,6 +143,19 @@ Returns true if the object is currently a valid file descriptor. =back +Lastly, a special method for working under B<-T> and setuid/gid scripts: + +=over + +=item $fh->untaint + +Marks the object as taint-clean, and as such data read from it will also +be considered taint-clean. Note that this is a very trusting action to +take, and appropriate consideration for the data source and potential +vulnerability should be kept in mind. + +=back + =head1 NOTE A C object is a GLOB reference. Some modules that
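Review bot: The warning under `=item $fh->untaint` in ext/IO/lib/IO/Handle.pm is too soft for a method that switches taint checking off for everything read from a handle. "appropriate consideration for the data source and potential vulnerability should be kept in mind" does not tell the reader what they are now responsible for. I would say outright that data read from the handle is no longer tainted under B<-T> or in setuid/setgid scripts, so the caller has to validate it before using it anywhere taint mode would otherwise have stopped it, and that the method should only be called on handles whose source the script fully controls. The entry also does not document a return value, and it does not say whether the mark can be removed once set or how long it lasts; a sentence on each would help. As a style point, "Lastly, a special method for working under B<-T> and setuid/gid scripts:" could spell out "setuid/setgid" to match how the modes are usually written.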