Re: Can System() of Perl be bypassed?
From: Dana Epp <dana(at)vulscan.com>
Date: Wed Jan 22 2003 - 17:26:17 EST

Never trust user input. Assume it is malicious input unless you find otherwise. Perl is an awesome language for regex checking.

It is very possible to misuse the system() command in Perl if you are just shoving user arguments directly to the system() call. Consider determining what exactly the arguments are supposed to look like, and validate them as they come from the untrusted boundary (the argument itself) into the trusted boundary where you are about to use them (your code). As an example, if the Perl script is expecting an integer value (maybe a port number, for instance), validate that it's actually an integer value between two particular numbers. The same would go for any other argument you are looking for.

To learn more on what taint mode is actually good for, check out:
http://gunther.web66.com/FAQS/taintmode.html

A combination of user input validation with taint may work for you, but taint alone should not be considered enough. Remember, all taint does is set the Perl interpreter into a paranoid mode that expects everything to be bad (a good thing (tm)). However, you still need to validate the data itself.

---
Regards,
Dana M. Epp

----- Original Message -----
From: "Sandeep Giri"

Received on Wed Jan 22 19:03:20 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:45 EDT
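The port-number validation the reply describes, as an added example that is not part of the original message or its author's code: a hypothetical script that validates (and thereby untaints) a port argument with an anchored regex and a range check, then calls system() in list form so no shell parses the value. `some-tool` is a placeholder for whatever program the caller wanted to run.

```perl
#!/usr/bin/perl -T
# Added example (not from the original post). Run it directly via the shebang
# or as `perl -T script.pl` so taint mode is on from the start.
use strict;
use warnings;

# Taint mode refuses to run system() until PATH and a few shell-sensitive
# variables are set by the script rather than inherited from the caller.
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Returns the validated port as an untainted integer, or undef when the input
# does not look like a port at all. The capture ($1) is what clears taint, so
# the pattern must be strict: digits only, anchored at both ends with \A and \z
# (a bare $ would still accept a trailing newline).
sub validate_port {
    my ($raw) = @_;
    return undef unless defined $raw;
    return undef unless $raw =~ /\A([0-9]{1,5})\z/;
    my $port = $1;                      # untainted copy of the digits
    return undef if $port < 1 || $port > 65535;   # range check, as the reply suggests
    return $port;
}

# The misuse the reply warns about: the raw argument is interpolated into one
# string, so the shell, not Perl, interprets it. Under -T this dies with
# "Insecure dependency in system" because $raw is still tainted.
sub unsafe_run {
    my ($raw) = @_;
    return system("some-tool --port $raw");
}

# Hardened form: validated value plus list-form system(), which execs the
# program directly with no shell involved. Note that taint mode does not check
# the arguments of a list-form system() for taintedness, which is exactly why
# the validation step is still required and taint alone is not enough.
sub safe_run {
    my ($raw) = @_;
    my $port = validate_port($raw);
    die "invalid port argument\n" unless defined $port;
    return system('some-tool', '--port', $port);
}

safe_run($ARGV[0]) if @ARGV;
```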