On Fri, Dec 15, 2006 at 06:32:06PM -0500, Ilia Alshanetsky wrote:

> I think people generally follow the path of least resistance and for
> compat purposes I suspect most applications will simply create a quick
> wrapper to **untaint** all input data so they can use it within their
> application without worrying about tainting getting in the way.

More fool them.

> Tainting may have helped if you are using straightforward data, but
> what happens when you start doing appending or passing data through
> string modification operations? I almost guarantee that there will be
> a series of operations or function calls that if executed in a
> certain order will mask tainted input making it appear safe. I'd
> gladly provide you with examples, but there is no sample code, if I
> have time I'll take a peek at Perl and Ruby that implement tainting
> and see if a quick taint bypass can be devised.

OK: so there may be a few cases where it won't work, that does not mean that there won't be great advantages for the majority of situations.

> All it means is that this breaks every application and the security
> benefits are somewhat ambiguous, but in all fairness the full
> consequences are hard to predict without sample code.

It is OFF by default. RegisterGlobals was initially ON by default since losing it broke a lot of code. PHP survived that.

--
Alain Williams
Parliament Hill Computers Ltd.
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  http://www.phcomp.co.uk/
#include <std_disclaimer.h>

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php