RE: Can System() of Perl be bypassed?
From: Tom Arseneault (TArseneault@counterpane.com)
Date: 01/23/03
- Previous message: Dana Epp: "Re: Can System() of Perl be bypassed?"
- Maybe in reply to: Sandeep Giri: "Can System() of Perl be bypassed?"
- Next in thread: FBO: "Re: Can System() of Perl be bypassed?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Tom Arseneault <TArseneault@counterpane.com>
To: "'Sandeep Giri'" <sandeepgiri@indiatimes.com>, secprog@securityfocus.com
Date: Wed, 22 Jan 2003 15:10:39 -0800
Taint stops you from using the raw input in the system command (you need to
touch the data in some way to un-taint it; see the docs for more info), but
if you miss something when you process his/her input you can still run into
problems. So while it's a help, proper handling of the data (getting rid of
shell escape characters or, better yet, creating a char class of good characters
and only allowing them through to the system command) is the way to go.
Tom
-----Original Message-----
From: Sandeep Giri [mailto:sandeepgiri@indiatimes.com]
Sent: Tuesday, January 21, 2003 11:03 PM
To: secprog@securityfocus.com
Subject: Can System() of Perl be bypassed?
Hi All,
In my PERL code, I am using the user's input as a command line argument for the
program being executed by System().
Can a user run a command of his choice by giving malicious input?
Is PERL's -T (Taint mode) the solution for this?
Thanks.
Sandeep Giri
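The approach Tom describes above, as an added example that is not part of the thread: a taint-mode script that un-taints user input only by extracting it through an explicit allowlist character class, and then calls system() in its list form so that no shell ever sees the argument. The sample inputs, the untaint_hostname() helper and the choice of ping as the external program are constructed for illustration.

```perl
#!/usr/bin/perl -T
# Run as: perl -T untaint_example.pl   (the -T on the command line must match the shebang)
use strict;
use warnings;

# Constructed sample inputs. In a CGI script these would come from a form
# field; the second one carries shell metacharacters and must be refused.
my @sample_inputs = (
    'example.com',
    'example.com; echo injected',
);

# Un-taint by matching against an allowlist. Only the capture group of a
# successful match is considered clean by perl, so the caller gets back
# either a clean value or undef, never a "cleaned up" version of bad input.
# The first character must be alphanumeric so the value can never start
# with '-' and be read as an option by the program being run.
sub untaint_hostname {
    my ($raw) = @_;
    return undef unless defined $raw;
    return undef unless $raw =~ /\A([A-Za-z0-9][A-Za-z0-9.-]{0,252})\z/;
    return $1;
}

# Taint mode refuses to run system() until the environment is trustworthy,
# so set PATH explicitly and drop the variables a shell would read.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

for my $input (@sample_inputs) {
    my $host = untaint_hostname($input);

    if (!defined $host) {
        print "refused: input contains characters outside the allowlist\n";
        next;
    }

    # List form of system(): each element is passed directly as one argv
    # entry via execvp, so even a too-permissive allowlist could not turn
    # the hostname into a second command.
    my $rc = system('ping', '-c', '1', $host);
    if ($rc == -1) {
        print "failed to execute ping: $!\n";
    } else {
        printf "ping exited with status %d\n", $rc >> 8;
    }
}
```

The two controls are independent: the allowlist regex is what satisfies taint mode, and the list form of system() is what removes the shell from the picture. Using the single-string form, system("ping -c 1 $host"), would hand the whole line to /bin/sh and put the entire burden back on the character filter Tom warns you may get wrong.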