From owner-freebsd-chat Thu Sep 6 13:58:57 2001
Delivered-To: freebsd-chat@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 31F1337B401 for ; Thu, 6 Sep 2001 13:58:44 -0700 (PDT)
Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id WAA87268; Thu, 6 Sep 2001 22:58:37 +0200 (CEST) (envelope-from des@ofug.org)
X-URL: http://www.ofug.org/~des/
X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated.
To: Mike Meyer
Cc: Piet Delport, Kris Kennaway, Giorgos Keramidas, freebsd-chat@FreeBSD.ORG
Subject: Re: Scripts and setuid
References: <999708032.3b96558062cd2@webmail.neomedia.it> <20010905204055.A268@athalon> <20010905215258.A4304@hades.hell.gr> <20010906005600.A4157@athalon> <20010905161408.A80303@xor.obsecurity.org> <20010906131141.B4157@athalon> <15255.33577.367972.284194@guru.mired.org>
From: Dag-Erling Smorgrav
Date: 06 Sep 2001 22:58:36 +0200
In-Reply-To: <15255.33577.367972.284194@guru.mired.org>
Message-ID:
Lines: 21
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

Mike Meyer writes:
> First, perl isn't an exception. It's a lot safer than shell scripting
> because it can do real work without executing external code. It also
> provides "taint checking" which prevents you from accidentally executing
> strings that came from the user.

Taint checks also prevent you from opening or deleting files whose names were constructed from strings taken from the environment, command line, or user input, or read from a file. They also prevent you from calling exec() or system() with an insecure $PATH (for some definition of "insecure").

There are of course mechanisms to circumvent these checks for strings that the programmer is certain are safe (regexp match variables don't inherit taint from the string the regexp was matched against).

One other advantage of Perl is that it isn't vulnerable to IFS tickling.

DES
-- 
Dag-Erling Smorgrav - des@ofug.org
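The behaviour described in the message above (tainted input refused by a writing open(), untainting through a regexp capture, and the $PATH/IFS environment checks that gate system()), as an added Perl script that is not part of the original thread. It assumes it is run as `perl -T`, uses Scalar::Util::tainted to display the taint flag, and the /tmp log path and the allow-list regexp are made-up choices for the demonstration, not anything from the list discussion.

```perl
#!/usr/bin/perl -T
# Added illustration of Perl taint mode; not code from the original thread.
# Run it as:  perl -T taint_demo.pl some_name
use strict;
use warnings;
use Scalar::Util qw(tainted);

# With -T, every value that enters the program from outside is tainted:
# @ARGV, %ENV, STDIN, file contents, readdir() results, and so on.
my $name = shift @ARGV;
defined $name or die "usage: perl -T $0 <name>\n";
printf "argument tainted: %s\n", tainted($name) ? "yes" : "no";

# Using a tainted value where it would affect the outside world (a file
# name in a writable open(), unlink(), the command in system()/exec(), ...)
# makes perl die with "Insecure dependency in ... while running with -T switch".
my $unsafe_path = "/tmp/$name.log";          # hypothetical log path
if (!eval { open(my $fh, '>', $unsafe_path) or die "open: $!\n"; close $fh; 1 }) {
    print "refused: $@";
}

# The sanctioned way to untaint is a regexp capture: the programmer vouches
# that anything matching this explicit allow-list is safe to use.  The
# capture variables do not inherit taint from the matched string.
my ($clean) = $name =~ /\A([A-Za-z0-9_-]{1,32})\z/
    or die "name may only contain [A-Za-z0-9_-] (1-32 chars)\n";
printf "captured value tainted: %s\n", tainted($clean) ? "yes" : "no";

# system()/exec() additionally require a trustworthy environment: $ENV{PATH}
# must be untainted and every directory in it absolute and not writable by
# group/other, and IFS, CDPATH, ENV and BASH_ENV must be unset or untainted.
# Set them explicitly instead of trusting whatever the caller passed in.
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# List-form system() never goes through /bin/sh, so a field separator or
# shell metacharacter in the argument cannot turn into extra words or commands.
my $rc = system('/bin/echo', "hello, $clean") == 0 ? 'ok' : "exit $?";
print "system(): $rc\n";

# The same open() that was refused above is allowed with the untainted value.
open(my $fh, '>', "/tmp/$clean.log") or die "open: $!\n";
print $fh "written by $0\n";
close $fh;
```

Because the shebang line carries -T, invoking the script as plain `perl taint_demo.pl` aborts with "Too late for -T switch"; the flag has to be on the command line (or the script run directly via the shebang). The regexp capture is deliberately narrow: untainting is only as good as the pattern the programmer vouches for, so a pattern such as /(.*)/ would defeat the whole mechanism while still silencing the check.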