Phrack finds a major perl bug #1009
Comments
From @tamias
On Thu, Dec 30, 1999 at 12:31:19PM -0800, ap296@torfree.net wrote:
So where's the bug? The only thing described here is bugs in Perl I recommend that you read the perlsec documentation, which discusses security Ronald
From [Unknown Contact. See original ticket]
ap296 <ap296@torfree.net> writes:
If you're actually trying to be helpful, providing some actual details on To summarize for p5p, the first item on that page is a discussion of The offered additional example, the fact that "root" and "root\0" compare The second item is a discussion of shell metacharacters and pointing out The third item reduces basically to "people don't realize open is magic." The fourth item is a catalog of the insecurities in several Perl CGI
From [Unknown Contact. See original ticket]
Ronald J Kimball [rjk@linguist.dartmouth.edu] quoth: I don't recall Phrack being the pillar of useful information...nice to see e.
From @chipdude
According to Russ Allbery:
Hm. I wonder if we should address this by forbidding NUL bytes in
From [Unknown Contact. See original ticket]
Hi, Chip Salzenberg:
I'm all for it. It _should_ have been caught using the taint checks which
From @timbunce
On Sun, Jan 02, 2000 at 01:27:30AM -0800, Chip Salzenberg wrote:
Perhaps with "perl -U" as an escape mechanism. Tim.
From @chipdude
According to Matthias Urlichs:
Ah, yes, quite so. I knew there was something I was missing!
From [Unknown Contact. See original ticket]
Tim Bunce <Tim.Bunce@ig.co.uk> wrote:
Escape to where? Since NUL is disallowed in filenames at the C level. Mike Guy
From [Unknown Contact. See original ticket]
At 03:05 PM 01/03/2000 -0800, Chip Salzenberg wrote:
With all of the flames in this thread. I don't know if your last statement
From [Unknown Contact. See original ticket]
Hi, ap296@torfree.net:
It's not Perl's fault that Perl defaults to "strings may contain \0 It's the programmer's job to make sure that file names from external One can write programs that are a security nightmare in any language.
From [Unknown Contact. See original ticket]
Matthias Urlichs <smurf@noris.net> writes:
While I largely agree with this, I think that it may be worth making a Don't think of it as a security issue. Think of it as a correctness
From [Unknown Contact. See original ticket]
Hi, Russ Allbery:
... plus stat()/lstat()/access(). I agree (somewhat ;-).
From [Unknown Contact. See original ticket]
Or anything that takes a file name, nay? Like chown, -x, etc. --tom
From @samtregar
On 6 Jan 2000, Russ Allbery wrote:
I wouldn't be surprised if there are scripts that actually use this Maybe it should be a warning, if it's going to be anything but acceptable? -sam
From @chipdude
According to Sam Tregar:
Nor would I. Just about any doggone weird thing that can be done with
Hmph. A warning normally, an error in taint mode?
From [Unknown Contact. See original ticket]
Tom Christiansen <tchrist@jhereg.perl.com> writes:
Or system() or qx{} or exec(). Chip
Migrated from rt.perl.org#1959 (status was 'resolved')
Searchable as RT1959$