doy.tozt.net
- Website: doy.tozt.net/
Recent Actions
-
Commented on Mouse/Moose delegation feature
Reini: Sure, if you're okay with exposing the entire API of the other module through your class, and are okay with having no way at all of dealing with method name conflicts (or even knowing when they happen). This is...
-
Commented on How (not) To Load a Module or Bad Interfaces Make Good People Do Bad Things
For what it's worth, "Mégå::Mödulé" can't really be considered a valid module name, because handling of unicode in package names is entirely dependent on the underlying file system at the moment (because as you said, all perl does is convert...
Comment Threads
-
Reini Urban commented on
How (not) To Load a Module or Bad Interfaces Make Good People Do Bad Things
I see no general problem in allowing m|^\.[/\\]| in require file, I just disabled absolute paths and attempts to step the path upwards in strings given to Module::Load. I see no immediate action required to act almost hysterically on require string on such paths, such as adding new ops. I would recommend to fix the loader modules first, and bring the message out to check for generated strings, esp. with unsafe user input... :: should also be forbidden in bareword module names. This should be forbidden in Perl_pp_require, agr…
-
dagolden.com commented on
How (not) To Load a Module or Bad Interfaces Make Good People Do Bad Things
I appreciate that you're pointing out yet another security loophole that people might not think of.
Yet the only real lesson I see is that Perl code shouldn't incorporate unvalidated, arbitrary user input into its execution logic, and that's not really a new warning. Running under taint would avoid the whole threat described in this post.
That said, I agree that in retrospect the decision to overload module and file loading was a poor one.
-- David
-
bingos commented on
How (not) To Load a Module or Bad Interfaces Make Good People Do Bad Things
Module::Load (version 0.22) has been fixed to not jump the rails now
-
Michael G Schwern commented on
How (not) To Load a Module or Bad Interfaces Make Good People Do Bad Things
Taint mode just tells you if your inputs have been checked. It does not tell you that your check is secure. While it will help to use taint mode, and add a filter, it still means you're passing user input to an insecure function (whether "eval qq[require $module]" or "require $path"). There's no reason that function has to be so insecure. Security must be many layered to work.
We all know taint is a royal pain in the ass, made somewhat less by the -t flag (you're …
-
Peter Rabbitson commented on
How (not) To Load a Module or Bad Interfaces Make Good People Do Bad Things
Hi, and sorry for resurrecting this old thread.
This blogpost seems to be bookmarked among many fellow programmers, but it fails to even mention Module::Runtime, which (at the time of this writing) already was implementing everything you describe, except for the unicode stuff (which it considers invalid, see RT#74804).
Would you mind updating this post for the sake of fellow googlers?
Cheers!
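The thread above argues over the same underlying fact: the string form of require is a file lookup, and the string-eval form is code execution, so neither should ever see raw user input. The following is an added example, not code from the post, the commenters, Module::Load or Module::Runtime. It shows both unsafe shapes beside a loader that validates the name first; the module-name grammar, the helper names and the constructed inputs are this example's own assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Added example (not from the post or the commenters). It shows why
# `require $string` and `eval "require $string"` are dangerous with untrusted
# input, and one way to validate a module name before loading it. The name
# grammar below is this example's own assumption, not Module::Runtime's.

# A module name is identifier segments joined by '::' and nothing else.
my $MODULE_NAME_RX = qr/\A[A-Za-z_][A-Za-z0-9_]*(?:::[A-Za-z0-9_]+)*\z/;

sub is_module_name {
    my ($name) = @_;
    return (defined $name && $name =~ $MODULE_NAME_RX) ? 1 : 0;
}

# Map a validated name to the relative filename that `require` looks up in @INC.
sub module_to_file {
    my ($name) = @_;
    die "refusing to load: not a module name\n" unless is_module_name($name);
    (my $file = $name) =~ s{::}{/}g;
    return "$file.pm";
}

# UNSAFE: the string form of require is a *file* lookup. '/tmp/x.pl' and
# '../../x.pl' are opened as given, bypassing the @INC search entirely.
sub load_unsafe_path {
    my ($input) = @_;
    require $input;
}

# UNSAFE: string eval interpolates the input as Perl source, so
# 'Foo; system("id")' becomes `require Foo; system("id")`.
sub load_unsafe_eval {
    my ($input) = @_;
    eval "require $input; 1" or die $@;
}

# SAFE: validate the name, then require the derived relative path so the
# only lookup that can happen is the normal @INC search.
sub load_safe {
    my ($input) = @_;
    my $file = module_to_file($input);
    require $file;
    return $file;
}

# Constructed inputs: one legitimate name and several shapes of hostile input.
my @inputs = (
    'List::Util',
    '/tmp/evil.pl',
    '../../../../etc/passwd',
    './local.pl',
    'Foo; system("id")',
    "M\x{e9}ga::Module",     # non-ASCII: rejected here, as Module::Runtime also does
    '::Hidden',
);

for my $in (@inputs) {
    printf "%-28s %s\n", $in, is_module_name($in) ? 'accepted' : 'rejected';
}

print "loaded: ", load_safe('List::Util'), "\n";
for my $bad ('/tmp/evil.pl', 'Foo; system("id")') {
    eval { load_safe($bad); 1 } or print "blocked: $@";
}
```

Taint mode, as Schwern notes, only flags that the input reached require unchecked; the check itself still has to be strict, which is why the grammar above is an allow-list rather than a list of forbidden prefixes. In production code, Module::Runtime's require_module and is_module_name already implement this validation, which is the point of the last comment in the thread.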
About blogs.perl.org
blogs.perl.org is a common blogging platform for the Perl community. Written in Perl with a graphic design donated by Six Apart, Ltd.