Re: [perl #24291] Taint checking against the wrong environment

On Sun, Oct 26, 2003 at 11:31:42PM +0000, Ton Hospel wrote:
> In article <20031027002524.7b444942.rgarciasuarez@_ree._r>,
> 	Rafael Garcia-Suarez <rgarciasuarez@free.fr> writes:
> > Maybe do nothing and let people shoot in their feet.
> >
> > Maybe just forbid aliasing *ENV at all. (with the collateral damage
> > on $ENV etc.) (or couldn't this chained alias thing be solved
> > by looking at the GvEGV ?)
> 
> Crashing, dieing, compile erors  etc. are all solutions (though
> certainly not my preferred solutions), but doing nothing isn't
> acceptable since it's a potential security hole.

SEGVs better than continuing? I can't agree.

Nicholas Clark

• [perl #24291] Taint checking against the wrong environment by perlbug-followup
• Re: [perl #24291] Taint checking against the wrong environment by hv
• Re: [perl #24291] Taint checking against the wrong environment by Rafael Garcia-Suarez
• Re: [perl #24291] Taint checking against the wrong environment by hv
• Re: [perl #24291] Taint checking against the wrong environment by Rafael Garcia-Suarez
• Re: [perl #24291] Taint checking against the wrong environment by perl5-porters
• Re: [perl #24291] Taint checking against the wrong environment by Nicholas Clark
• Re: [perl #24291] Taint checking against the wrong environment by Rafael Garcia-Suarez
• [PATCH] Re: [perl #24291] Taint checking against the wrong environment by Rafael Garcia-Suarez
• Re: [PATCH] Re: [perl #24291] Taint checking against the wrong environment by perl5-porters
• Re: [PATCH] Re: [perl #24291] Taint checking against the wrong environment by Rafael Garcia-Suarez
• Re: [PATCH] Re: [perl #24291] Taint checking against the wrong environment by perl5-porters
• Re: [PATCH] Re: [perl #24291] Taint checking against the wrong environment by Rafael Garcia-Suarez
• Re: [perl #24291] Taint checking against the wrong environment by perl5-porters