[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

Re: [MacPerl] taint checks and CGI.pm

To: Karsten Meier <krstnmr@ibm.net>
Subject: Re: [MacPerl] taint checks and CGI.pm
From: pudge@pobox.com (Chris Nandor)
Date: Sun, 28 Dec 1997 20:04:59 -0500
Cc: "MacPerl List" <mac-perl@iis.ee.ethz.ch>

At 13.55 12/28/97, Karsten Meier wrote:
>There should be another way to check if a variable is tainted.
>Maybe this should solved in the orginal perl.
>I would also like to have such a function in the debugger.

See the Taint module(s) on CPAN.  Might be something there.  Tom Phoenix
said he is attempting to make his version of Taint.pm work with MacPerl.

>But I see the following problem: If I'm on an appletalk network,
>and I have a public visible folder, someone can upload a MacPerl
>executable together with a special modified version
>of a Module like cgi.pm. If I now open my script with doubleclicking,
>the new version of MacPerl may start, because the Finder
>starts the newest version of anything, and uses the bad module.

And this problem is not at all exclusive to MacPerl.  That is more a social
problem than a technical one.

--
Chris Nandor               pudge@pobox.com           http://pudge.net/
%PGPKey=('B76E72AD',[1024,'0824 090B CE73 CA10  1FF7 7F13 8180 B6B6'])
#==                    MacPerl: Power and Ease                     ==#
#==    Publishing Date: Early 1998. http://www.ptf.com/macperl/    ==#



***** Want to unsubscribe from this list?
***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch

Prev by Date: Re: [MacPerl] network problems
Next by Date: Re: [MacPerl] taint checks and CGI.pm
Prev by thread: Re: [MacPerl] taint checks and CGI.pm
Next by thread: Re: [MacPerl] taint checks and CGI.pm
Navigation: Date Index | Thread Index | Search | Other lists at bumppo.net