Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Can System() of Perl be bypassed?

From: Sandeep Giri <sandeepgiri(at)indiatimes.com>
Date: Wed Jan 22 2003 - 02:03:27 EST

('binary' encoding is not supported, stored as-is)

Hi All,
In my PERL code,I am using user's input as command line argument for the program being executed by System().
Can user run command of his choice by giving malicious input? Is PERL's -T (Taint mode) the solution for this?

Thanks.

Sandeep Giri Received on Wed Jan 22 16:26:40 2003

This message: [ Message body ]
Next message: Robert B. Morson: "RE: PGP scripting (reprise)"
Previous message: Glynn Clements: "RE: PGP scripting..."
Next in thread: Brian Hatch: "Re: Can System() of Perl be bypassed?"
Reply: Brian Hatch: "Re: Can System() of Perl be bypassed?"
Reply: Ilya Martynov: "Re: Can System() of Perl be bypassed?"
Reply: Glynn Clements: "Re: Can System() of Perl be bypassed?"
Reply: Dana Epp: "Re: Can System() of Perl be bypassed?"
Reply: FBO: "Re: Can System() of Perl be bypassed?"
Reply: Ian Charnas: "Re: Can System() of Perl be bypassed?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:45 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library