The Problem;
I have tainted data.
$cPass = crypt("pass", "dP");
$name = "brian";
$username = "Brian Smith"
$runLine = "adduser -d /home/users -g raduser -c \"$username\" -p $cPass -s /bin/false
$name";
I found this to help untaint the data.
if ($runLine =~ /^([-\@\/\"\w.]+)$/) {
$runLine = $1; # $data now untainted
} else {
print "Data is still tainted!<br>";
}
Now, I really stink at Regular Expressions, but To me that looks like it should take
care of everything in my $runLine?
I have my hypen, quotes, forward slash, and regular letters ... but I can NOT get it
to return GOOD.
Can anyone tell me what I am doing wrong?!?!?!
Thank You much!
Brian
