From 3af757ffd9a2f4cb2a4efd41505303be82b88e22 Mon Sep 17 00:00:00 2001
From: David Bremner
Date: Thu, 10 Mar 2011 16:02:32 -0500
Subject: [PATCH] Update comments for untaint. Assume it is generally unwise, and add comments when used explaining why it is supposed to be OK.
---
 Crypt/Monkeysphere/Keyserver.pm | 5 +++++
 Crypt/Monkeysphere/Util.pm | 3 +--
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/Crypt/Monkeysphere/Keyserver.pm b/Crypt/Monkeysphere/Keyserver.pm
index 9799868..c53869a 100644
--- a/Crypt/Monkeysphere/Keyserver.pm
+++ b/Crypt/Monkeysphere/Keyserver.pm
@@ -37,6 +37,11 @@ sub _get_keyserver{
 if (!defined($gpghome)) {
 if (exists $ENV{GNUPGHOME} and $ENV{GNUPGHOME} ne '') {
+
+ # We might be running in taint mode, but we assume that is about
+ # data coming from the network, and that the local environment
+ # is generally trustworthy.
+
 $gpghome = untaint($ENV{GNUPGHOME});
 } else {
 my $userhome=File::HomeDir->my_home;
diff --git a/Crypt/Monkeysphere/Util.pm b/Crypt/Monkeysphere/Util.pm
index d4694d5..e4c73e0 100644
--- a/Crypt/Monkeysphere/Util.pm
+++ b/Crypt/Monkeysphere/Util.pm
@@ -8,8 +8,7 @@ our @EXPORT_OK=qw(untaint);
 # use sparingly! We want to keep taint mode around for the data we
-# get over the network. this is only here because we want to treat
-# the command line arguments differently for the subprocess.
+# get over the network.
 sub untaint {
 my $x = shift;
 $x =~ /^(.*)$/ ;
--
2.26.2
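Review bot: The `untaint($ENV{GNUPGHOME})` call in `_get_keyserver` (Crypt/Monkeysphere/Keyserver.pm) takes the environment value with no check at all. The new comment's assumption that the local environment is trustworthy fails when the module is loaded across a privilege boundary, such as a setuid wrapper, CGI, or a service that inherits its environment from a less-trusted caller. Since the value is used as a GnuPG home directory, I would validate it rather than launder it, for example `($gpghome) = $ENV{GNUPGHOME} =~ m{\A(/[^\0\n]+)\z} or die "GNUPGHOME must be an absolute path\n";`. If that is too strict for existing users, the comment should at least state which deployments the trust assumption covers. The body of `_get_keyserver` starts and ends outside this hunk, so how `$gpghome` is used later is not visible here.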
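Review bot: The shortened comment above `untaint` in Crypt/Monkeysphere/Util.pm no longer says what the function does or when a call is acceptable, and the visible pattern `/^(.*)$/` accepts any single-line value, so it is a pass-through rather than a validator. I would extend the comment with `# No validation happens here: the pattern accepts any single-line value.` and `# Every call site must document why its input is trusted.` The match result is also not checked in the visible lines. If the part of the body outside this hunk returns `$1`, a value with an embedded newline would fail the match and leave `$1` holding a capture from an earlier successful match, so the return path is worth confirming.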