Re: [MacPerl] Taint Checks

["Paul J. Schinder" <schinder@pjstoaster.pg.md.us>]

bart.mediamind@tornado.be (Bart Lateur) writes:
}Excuse my ignorance, but what IS taint checking?
}
}I thought that, on a Unix box, this applied mostly to preventing
}dangerous thing to happen, especially relating to calling externam
}programs (sommand lines), but what does it mean on a Mac?

Perl itself is so powerful (think about "unlink", for example) that the
"command line" and external programs are the least of your worries. I
haven't used tainting that much myself, but my understanding is that every
piece of data that comes from outside the Perl script is "tainted".
Anything that's computed from tainted data is also tainted.  Perl will
refuse to do a large number of operations  with tainted data, mostly, but
as I understand it not exclusively, involving doing things to the local
file system.  There are ways of untainting data, but deliberately it's not
simple.

Mac users tend to be complacent about security because they so often hear
that "Macs are uncrackable", and it's true enough that MacOS won't fall to
the classic Unix attacks.  But anyone complacent enough to run a Perl CGI
without taitning on may find out the hard way about other possible ways to
be compromised.  For example, suppose you're foolish enough to eval
arbitarary Perl from a Web form, expecting the user to put in something
innocuous like "print "Hello, world\n"", you might instead find "use
File::Find;find(sub{unlink $File::Find::name},":");" instead (which will at
least solve your security problem).  More subtle attacks are also possible;
remember that Perl is quite capable of opening a socket and writing data
back to remote sites.


}
}	Bart Lateur
}	bart.mediamind@tornado.be
}

---
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693, Greenbelt, MD 20771
schinder@pjstoaster.pg.md.us



***** Want to unsubscribe from this list?
***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch