
Tainted Perl: For Your Dirtiest Input

By Bryan Young
Expert Author
Article Date: 2010-11-30

When writing a program that relies on data coming from outside sources, it is always a good idea to check that data before using it, to make sure nothing unexpected is getting through. There are various ways of doing this, and a good programmer knows to add them, but there is always room for improvement and everyone makes mistakes. One safety net that catches the checks you forgot is to run your Perl program in Taint Mode: unchecked outside data is then stopped before it reaches a dangerous operation, rather than silently passing through.

Taint Mode is a command-line option that hardens a Perl program by marking every value that comes from outside the program (command-line arguments, environment variables, standard input, file contents and the like) as "tainted", and refusing to let a tainted value be used in certain kinds of operations until it has been passed through a regular expression. According to perlsec in the Perl documentation, "Tainted data may not be used directly or indirectly in any command that invokes a sub-shell, nor in any command that modifies files, directories, or processes," with three exceptions: arguments to print and syswrite are not checked for taintedness, symbolic method names are not checked, and hash keys are never tainted.

Once a piece of data is tainted, it passes that taint on to any data derived from it: for example, if you use my $bar = substr( $foo, 3, 10 ); where $foo is a tainted value, $bar will also be tainted. The intended way to untaint a value is to extract it with a capturing regular expression and use the captured group, as in the check below.


    # Accept only a word of letters, digits and underscores; the capture $1 is untainted.
    if ( $foo =~ /^(\w+)$/ ) {
        $foo = $1;
    } else {
        # Anything else is refused rather than laundered.
        die ( "data is tainted" );
    }


Now $foo is untainted and can be used for whatever you like. Bear in mind that untainting only proves the value matched your pattern, so the pattern must actually be restrictive: a match such as /(.*)/ untaints anything and defeats the purpose of the check, and $ still allows a trailing newline where \z would not. Taint Mode is enabled by adding the -T flag to your run command, either on the command line or in the #! line in your code; when it is only in the #! line, the script must be started in a way that honours that line (./script.pl, or perl -T script.pl), otherwise Perl stops with "Too late for -T".
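The whole procedure in one runnable script, as an added example that is not from the original article: it runs under -T, takes a user name from the command line, shows with Scalar::Util's tainted() how the taint follows the value through substr, launders it with a restrictive capture, and only then hands it to an external command. The user-name pattern, the PATH value and the use of the id command are this example's own choices, not anything the article prescribes.

```perl
#!/usr/bin/perl -T
# Added example, not code from the original article. Run as:
#   perl -T taint_demo.pl alice
# (or ./taint_demo.pl alice, so the -T on the #! line takes effect).
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Under -T the environment is tainted as well, so any sub-shell would be
# refused until PATH is trustworthy. Set a fixed PATH (assumed safe here)
# and drop the variables perlsec warns can influence a shell.
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Command-line arguments come from outside the program and are tainted.
my $user = shift @ARGV;
die "usage: $0 USERNAME\n" unless defined $user;
print "argument tainted?    ", (tainted($user) ? "yes" : "no"), "\n";

# Taint follows the data: a value derived from $user is tainted too.
my $prefix = substr($user, 0, 3);
print "substr() tainted?    ", (tainted($prefix) ? "yes" : "no"), "\n";

# Launder the value by extracting it with a capture. \A and \z (rather than
# ^ and $) refuse a trailing newline, and the character whitelist refuses
# shell metacharacters. A pattern such as /(.*)/ would "untaint" anything
# and defeat the point of taint mode. (Pattern is this example's choice.)
my $clean;
if ($user =~ /\A([a-z_][a-z0-9_-]{0,31})\z/) {
    $clean = $1;
} else {
    die "refusing to use untrusted user name: $user\n";
}
print "after regex tainted? ", (tainted($clean) ? "yes" : "no"), "\n";

# Without the check above this line would die with
# "Insecure dependency in system while running with -T switch".
# The list form of system() also bypasses the shell entirely.
system('id', $clean) == 0
    or warn "id exited with status ", $? >> 8, "\n";
```

Try it with a name such as alice, then with something like "alice; rm -rf /" or with a name followed by a newline: the first two prints report "yes", the regex rejects the hostile inputs outright, and for a clean name the third print reports "no" before id is run. The print calls themselves never trip taint mode, which is exactly the print/syswrite exception quoted from perlsec above.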

About the Author:
Bryan Young is a staff writer for WebProNews.





PerlProNews is an iEntry, Inc. ® publication - All Rights Reserved Privacy Policy and Legal