Menu
perl -T Do you use it? Does it help you finding security holes in your Perl scripts?
395
Taint mode is used to keep track of the data coming from the user and avoids doing anything insecure with it. When it is enabled, every variable is monitored by Perl to check whether it is tainted or not. Tainted data is any data that comes from outside the code.
Overview. The concept behind taint checking is that any variable that can be modified by an outside user (for example a variable set by a field in a web form) poses a potential security risk. If that variable is used in an expression that sets a second variable, that second variable is now also suspicious.
In Perl, taint mode is a way to make our code more secure. It makes our program fussier about the data that it receives from an external source. The external source means the users, the file system, the environment, locale information, and some system calls.
When accepting external data you should always program defensively and use taint mode to ensure that the external data matches your expectations. Some people argue that taint mode should always be used as it forces you to consider the implications of your use of external data.
Certainly as a minimum, any CGI application should use taint mode. When accepting external data you should always program defensively and use taint mode to ensure that the external data matches your expectations. Some people argue that taint mode should always be used as it forces you to consider the implications of your use of external data.
To turn the taint mode on we just use -T flag in our hashbang line. Taint mode is used to keep track of the data coming from the user and avoids doing anything insecure with it. When it is enabled, every variable is monitored by Perl to check whether it is tainted or not. Tainted data is any data that comes from outside the code.
More than that :) it stops your security issues before they become one. It is not a security silver bullet of course... we used to use it (a few years back when I was involved in Perl projects) in any script that was exposed externally (i.e. any mod_perl app) and we found it very useful and made it our policy. It does a few checks and it is handy.. (anything makes things automated)
Perl Security - perlsec recommends it strongly too:
This flag [Taint mode] is strongly suggested for server programs and any program run on behalf of someone else, such as a CGI script. Once taint mode is on, it's on for the remainder of your script.
70
Most definitely!
$ echo '`rm -rf /`' | perl -Te 'eval while <>' Insecure dependency in eval while running with -T switch at -e line 1, <> line 1.
20
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
