[ale] OT: Perl and taint checking

Robert L. Harris Robert.L.Harris at rdlg.net
Thu Feb 6 10:39:10 EST 2003



I'm working on a script:

----------------------------------------------------------------
#!/usr/bin/perl -w -T
#
$ENV{'PATH'}="/sbin:/bin";

use strict;
use diagnostics;

my ($Verbose)="F";
my ($Files, $SSID, at SSID_INFO, $MMINFO_Command);
#my ($Find_Command)="/usr/bin/find /exp -type f -mtime +30 | /bin/egrep
-v 'nsr|volume'";
my ($Find_Command)="/usr/bin/find /exp/legatodisk3 -type f -mtime +30 |
/bin/egrep -v 'nsr|volume'";

open(FIND_Run, "$Find_Command |");
chomp(my (@OLD)=<FIND_Run>);
close(FIND_Run);

foreach $Files (@OLD) {
  print "\$Files :$Files\n";
  (undef, undef, undef, undef, $SSID)=split('\/',$Files);
  $SSID =~ s/\.0$//g;
  print "\$SSID :$SSID:\n";

  $MMINFO_Command="/usr/bin/mminfo -qssid=$SSID";
  open(MMINFO_Run, "$MMINFO_Command |");
  chomp(@SSID_INFO=<MMINFO_Run>);
  close(MMINFO_Run);
  print "\@SSID_INFO :@SSID_INFO:\n";
  print "\n";
}
----------------------------------------------------------------

The problem is that the second open (MMINFO_Run) is complaining about
insecure dependancies in an open pipe.

Anyone work with perl -T much and see anything that could lead to this?

Thanks,
  Robert

:wq!
---------------------------------------------------------------------------
Robert L. Harris                     | PGP Key ID: E344DA3B
                                         @ x-hkp://pgp.mit.edu 
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.
FYI:
 perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'


 PGP signature




More information about the Ale mailing list