Loading ...
Sorry, an error occurred while loading the content.

Thanks

Expand Messages
  • Peter Lovett
    Thanks. I didn t know about -q. It s very helpful. Peter
    Message 1 of 1 , Nov 1, 2001
    • 0 Attachment
      Thanks. I didn't know about -q. It's very helpful.
      Peter

      Little Dragon wrote:
      >
      > # How to tell if $var is tainted here?
      >
      > perldoc -q taint
      >
      > How can I tell if a variable is tainted?
      >
      > See the Laundering and Detecting Tainted Data entry in the
      > perlsec manpage. Here's an example (which doesn't use any
      > system calls, because the kill() is given no processes to
      > signal):
      >
      > sub is_tainted {
      > return ! eval { join('',@_), kill 0; 1; };
      > }
      >
      > This is not `-w' clean, however. There is no `-w' clean
      > way to detect taintedness - take this as a hint that you
      > should untaint all possibly-tainted data.
      >
      > --
      > Radu <littledragon@...> www.littledragon.f2s.com
      > It is the weak who are cruel, only the strong can be truly gentle.
      >
    Your message has been successfully submitted and would be delivered to recipients shortly.