From: Randy J. Ray <rjray@uswest.com>
Date: Wed, 9 Oct 1996 02:24:48 +0000 (-0400)
Subject: PATCH: untaint method for IO::Handle, 5.003_06 version
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=515e7bd7b61ce9581ca597e2697aa243300f4a60;p=p5sagit%2Fp5-mst-13.2.git

PATCH: untaint method for IO::Handle, 5.003_06 version

This is a re-post of my patch to Graham's IO library to add a method in
IO::Handle called "untaint", that sets the IOf_UNTAINT flag on an object
that is of or inherits from IO::Handle. With this flag set, data read from
said handle is not tainted, whether running under -T, suid or sgid.

This patch adds the method to IO.xs, adds documentation and warning to the
pod of IO/Handle.pm, creates a new test in t/lib called io_taint.t, and
adds mention of the new file to MANIFEST.

Document IO::Handle::untaint and give warning about the bad
things it can do.
---

diff --git a/ext/IO/lib/IO/Handle.pm b/ext/IO/lib/IO/Handle.pm
index 54b32f4..e4abdd2 100644
--- a/ext/IO/lib/IO/Handle.pm
+++ b/ext/IO/lib/IO/Handle.pm
@@ -143,6 +143,19 @@ Returns true if the object is currently a valid file descriptor.
 
 =back
 
+Lastly, a special method for working under B<-T> and setuid/gid scripts:
+
+=over
+
+=item $fh->untaint
+
+Marks the object as taint-clean, and as such data read from it will also
+be considered taint-clean. Note that this is a very trusting action to
+take, and appropriate consideration for the data source and potential
+vulnerability should be kept in mind.
+
+=back
+
 =head1 NOTE
 
 A C<IO::Handle> object is a GLOB reference. Some modules that