From: David Bremner <bremner@debian.org>
Date: Thu, 10 Mar 2011 21:02:32 +0000 (-0500)
Subject: Update comments for untaint.
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=3af757ffd9a2f4cb2a4efd41505303be82b88e22;p=monkeysphere-validation-agent.git

Update comments for untaint.

Assume it is generally unwise, and add comments when used explaining
why it is supposed to be OK.
---

diff --git a/Crypt/Monkeysphere/Keyserver.pm b/Crypt/Monkeysphere/Keyserver.pm
index 9799868..c53869a 100644
--- a/Crypt/Monkeysphere/Keyserver.pm
+++ b/Crypt/Monkeysphere/Keyserver.pm
@@ -37,6 +37,11 @@ sub _get_keyserver{
 
   if (!defined($gpghome)) {
     if (exists $ENV{GNUPGHOME} and $ENV{GNUPGHOME} ne '') {
+
+      # We might be running in taint mode, but we assume that is about
+      # data coming from the network, and that the local environment
+      # is generally trustworthy.
+
       $gpghome = untaint($ENV{GNUPGHOME});
     } else {
       my $userhome=File::HomeDir->my_home;
diff --git a/Crypt/Monkeysphere/Util.pm b/Crypt/Monkeysphere/Util.pm
index d4694d5..e4c73e0 100644
--- a/Crypt/Monkeysphere/Util.pm
+++ b/Crypt/Monkeysphere/Util.pm
@@ -8,8 +8,7 @@ our @EXPORT_OK=qw(untaint);
 
 
 # use sparingly!  We want to keep taint mode around for the data we
-# get over the network.  this is only here because we want to treat
-# the command line arguments differently for the subprocess.
+# get over the network.
 sub untaint {
   my $x = shift;
   $x =~ /^(.*)$/ ;