Perl: docasne vypnuti switche T
Milan Sorm
xsorm na informatics.muni.cz
Čtvrtek Říjen 29 15:21:15 CET 1998
Honza Pazdziora Thu, Oct 29, 1998 at 01:12:21PM +0100 pise:
>
> > ve svych cgi skriptech mam standardne zapnut switch T (taint check); pokud
> > takovy skript pustim pod mod_perlem, padne uz pri kompilaci na temer
> > jakekoliv pouziti eval() s tim, ze je to nebezpecne.
> > Da se nejak taint vypnout/obejit v pripadech, kdy si jsem jisty, ze zadne
> > problemy nanastanou?
>
> Man perlsec. Ja potreba udelat z tainted promenne promennou netainted.
>
> The only way to bypass the tainting mechanism is by referencing
> subpatterns from a regular expression match. Perl presumes
> that if you reference a substring using $1, $2, etc., that you
> knew what you were doing when you wrote the pattern.
>
> Doufam, ze to pomuze,
>
a nebo perl -U
-U allow unsafe operations
mozna
milan
-------------------------------------------------------------
Milan Sorm (aka John Popelnik) telefon: +420 5 41512348
FI MU, Botanicka 68a, Brno sorm na informatics.muni.cz
http://www.fi.muni.cz/~sorm/ tel. domu: (05) 46211083
fingerprint: E4 78 1D A7 C5 2C F5 3F 83 A7 97 29 73 F7 17 63
Další informace o konferenci Linux