perl.perl5.porters | Postings from February 2000

Re: Perl's alleged tempfile vulnerabilities on BUGTRAQ

From: Hank Leininger
Date: February 5, 2000 16:12
Subject: Re: Perl's alleged tempfile vulnerabilities on BUGTRAQ
Message ID: 200002060012.TAA12276@mailer.progressive-comp.com

On 2000-02-04, Tom Christiansen <tchrist@chthon.perl.com> wrote:

[big snip]
> There *is* one more thing we might be able to do, one that's a bit
> more proactive.  We might augment Perl's open function so that it
> would emit a warning when run with warnings[FN#2] and/or that it
> would raise an exception when run in taint mode[FN#3].

> This would mean checking for using the perilously simplistic
> open(FH, ">filename") style of open (which, being fopen(path, "w"),
> is really O_TRUNC|O_CREAT not O_EXCL|O_CREAT) on a file whose name
> looks like a tempfile.

> Now, just how could you ever tell that?  Well, one could watch for
> "$$" at the end of the filename.  Maybe this would be only in
> conjunction with a "/tmp/" component, but not necessarily rooted
> at slash, so that /usr/tmp and /var/tmp would show up, too.

A generalized check which doesn't require hard-coded paths, might be
paranoid enough, and has a *chance* of being portable to sub-UNIX OSs
could be: is the directory the file is being created in world-writable?
If so, emit warning-of-choice.

This is probably breakable by racing the bottom level dir.  But it might
be worth thinking more about.


--
Hank Leininger <hlein@progressive-comp.com> 
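
The check proposed in this message, sketched next to the O_EXCL|O_CREAT open that the quoted text contrasts with open(FH, ">filename"). This is an added example, not code from the thread or from Perl itself; dir_is_world_writable and checked_create are hypothetical names, and the scratch directory and filename are constructed for the demonstration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use File::Basename qw(dirname);
use File::Temp qw(tempdir);

# Hypothetical helper: true if the directory that would hold $path is
# world-writable (S_IWOTH, octal 0002). Advisory only: the directory can
# change between this stat and the later open, the race the message notes.
sub dir_is_world_writable {
    my ($path) = @_;
    my @st = stat(dirname($path)) or return;
    return ($st[2] & 0002) ? 1 : 0;
}

# Hypothetical wrapper: warn when the target directory is world-writable,
# then create the file with O_EXCL|O_CREAT so that an existing name makes
# the open fail instead of being truncated, as ">filename" would do.
sub checked_create {
    my ($path) = @_;
    warn "creating $path in a world-writable directory\n"
        if dir_is_world_writable($path);
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or return;
    return $fh;
}

# Demonstration on a constructed scratch directory.
my $dir = tempdir(CLEANUP => 1);
chmod 01777, $dir or die "chmod: $!";      # same mode as a typical /tmp

my @warnings;
local $SIG{__WARN__} = sub { push @warnings, @_ };

my $name   = "$dir/report.$$";             # constructed tempfile-style name
my $first  = checked_create($name);        # name is free: created
my $second = checked_create($name);        # name now exists: refused

printf "world-writable dir: %s\n", dir_is_world_writable($name) ? "yes" : "no";
printf "warnings emitted:   %d\n", scalar @warnings;
printf "first create:       %s\n", $first  ? "ok" : "failed";
printf "second create:      %s\n", $second ? "ok" : "refused";
```

The warning is only a lint on the calling code; the protection comes from the exclusive create, which the kernel enforces atomically at open time.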
  
