Dudes,
Someone has to have some inkling how to open filehandles for writing whilst
running in taint mode (-T). C'mon there are some of the best Perl minds in
the world here. Is it impossible?
I've tried untainting the data I'm using to write with this snippet:
#untaint $count
if ($count =~ /^([-\@\w.]+)$/){
$count = $1;
}
but kept getting this error, "Insecure dependency in open while running with
-T switch at /u/web/lega63/cgi-local/SecureMail.pl line 455". HELP! I don't
want to run this program without taint checks.
The full filehandle portion is:
if ($mailPrefix[0]) {
open (COUNTER,"$mailPrefix[0]Counter.txt") or die "Couldn't read
counter, $! \n";
$count=<COUNTER>;
++$count;
close (COUNTER);
#untaint $count
if ($count =~ /^([-\@\w.]+)$/){
$count = $1;
}
else {
die "Bad data in $count";
}
#The next line is line 455
open (COUNTER,">$mailPrefix[0]Counter.txt") or die "Couldn't write
counter, $! \n";
print COUNTER "$count";
close (COUNTER);
unless ($skip eq "yes"){
open (COUNTER,">>$mailPrefix[0]Report.txt") or die "Couldn't write
Report, $! \n";
print (COUNTER "${count}. $Config{'email'} on $date\n");
close (COUNTER);
}
}
}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
