Detecting taint mode
david at cantrell.org.uk
Tue Feb 27 15:56:14 GMT 2007
On Tue, Feb 27, 2007 at 03:32:51PM +0000, Daniel Barlow wrote:
> David Cantrell wrote:
> > Conveniently, I don't particularly want to run that stuff if you started
> > as root and then dropped privs, which is the only other case I can think
> > of where chdir(getcwd()) would fail.
> Someone else may delete the current directory between the return of
> getcwd and the call to chdir
> For that matter, someone may delete the current directory before you
> call getcwd, in which case chdir(undef) may have side-effects you
> weren't expecting.
The un-taint-safe code I'm being defensive about has the same problems,
so I don't care :-)
David Cantrell | London Perl Mongers Deputy Chief Heretic
"Cynical" is a word used by the naive to describe the experienced.
George Hills, in uknot
More information about the london.pm