On Tue, Dec 19, 2006 at 01:21:59PM -0800, Stanislav Malyshev wrote:
> >Wrong again, different contexts have different validation criteria,
> >unless you consider that tainting in PHP won't work. What's safe to print
> >on screen may not be safe to execute or pass to the database etc...
>
> I do not think the purpose of tainting is or should be to take this kind
> of decision. The purpose of tainting is to force you - as application
> developer (as much as it is possible without actually looking over your
> shoulder and grabbing your hands :) - to take this decision and not just
> forget about it. Many bugs are there not because somebody uses an input
> sanitized for exec as a database query - people usually don't do that
> (though I cannot say there's no app doing it - but I can certainly say
> it's not a routine way of action). However, people routinely forget to
> take action on the input altogether - either because they delay it "for
> later" and then forget, or because they are unfamiliar with the necessity
> of filtering and the potential danger of passing the data. While there's no
> way to stop the user who purposefully wants to pass user-supplied data
> to a dangerous function without filtering, there's certainly a way to warn
> a user that does it by mistake. That's the target.
Very well put/explained.

-- 
Alain Williams
Parliament Hill Computers Ltd.
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  http://www.phcomp.co.uk/
#include <std_disclaimer.h>

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
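The taint model Stanislav describes above, as an added example that is not code from the thread or from PHP itself: a userland sketch in which request data carries a mark, passing through any filter (whatever context it targets) clears it, and a dangerous function refuses marked data. The class and function names (Tainted, request_input, concat, filtered, run_query) are hypothetical.

```php
<?php
// Added example, not code from the thread or from PHP: a userland sketch of
// the taint model Stanislav describes. A real implementation would mark
// strings inside the engine; here a hypothetical object stands in for the mark.

final class Tainted
{
    public string $value;
    public function __construct(string $value) { $this->value = $value; }
}

// Everything that arrives from the request is tainted, whatever it contains.
function request_input(array $source, string $key): Tainted
{
    return new Tainted($source[$key] ?? '');
}
// Taint survives string building: if any part is tainted, the result is.
function concat(...$parts)
{
    $tainted = false; $out = '';
    foreach ($parts as $p) {
        if ($p instanceof Tainted) { $tainted = true; $p = $p->value; }
        $out .= $p;
    }
    return $tainted ? new Tainted($out) : $out;
}
// A filter does not decide which context is safe; it records that the
// developer took a decision. Passing through any filter clears the taint.
function filtered(Tainted $in, callable $filter): string
{
    return (string) $filter($in->value);
}
// A dangerous function refuses tainted arguments: no decision was taken.
function run_query($sql): string
{
    if ($sql instanceof Tainted) {
        throw new RuntimeException('run_query: tainted data passed without filtering');
    }
    return "executed: $sql";
}

$id = request_input(['id' => '42abc'], 'id');    // constructed stand-in for $_GET
try {
    run_query(concat('SELECT * FROM t WHERE id = ', $id));
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";                 // the forgotten filter is reported
}
$safe = filtered($id, fn ($v) => (string) (int) $v);  // decision taken: taint cleared
echo run_query(concat('SELECT * FROM t WHERE id = ', $safe)), "\n";
```

Run with php 7.4 or newer: the first call is rejected because the request value reached the sink unfiltered, the second runs because the developer made a decision, even though the sink never judged whether that decision suited a database context.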