Perl CGI Programming FAQ, Appendix A
A.5 Security

Is a Perl CGI program more or less secure than a shell or C one?

The answer to this is: A CGI program is prone to security problems no matter what language it is written in!

What particular security concerns should I be aware of?

Never expose any form data to the shell. All of the following are possible security holes, because the shell interprets any metacharacters in $form_user:

open (COMMAND, "/usr/ucb/finger $form_user |");   # piped open is run through /bin/sh
system ("/usr/ucb/finger $form_user");            # single-string system() uses the shell when metacharacters are present
@data = `/usr/ucb/finger $form_user`;             # backticks always go through the shell

See more examples in the following answers. You should also look at:

WWW Security FAQ (by Lincoln Stein) (https://www-genome.wi.mit.edu/WWW/faqs/www-security-faq.html)

CGI Security FAQ (by Paul Phillips) (https://www.cerf.net/~paulp/cgisecurity/safe-cgi.txt)

How can I call a program with backticks securely? Is it true that:

@ans = `grep '$user_field' some.file`;

is insecure?

Yes! It's very dangerous! The whole string is handed to /bin/sh, so imagine if $user_field contains:

; rm -fr / ;

A safe equivalent, which runs grep directly without ever starting a shell, is:

my $pid = open (GREP, "-|");          # fork: returns the child pid in the parent, 0 in the child
die "Cannot fork: $!\n" unless defined $pid;
if ($pid) {
    @ans = <GREP>;                    # parent: read grep's output from the pipe
} else {
    # child: exec grep with an argument list, so the shell never sees $user_field;
    # "-e" keeps a pattern that begins with "-" from being read as a grep option
    exec ("/usr/local/bin/grep", "-e", $user_field, "--", "some.file")
        || die "Error exec'ing command", "\n";
}
close (GREP);

Is it true that /$user_variable/ is a security hole in Perl 5?

No! It's not. It's a security hole if you evaluate the expression at runtime using the eval command. Something like this is dangerous:

foreach $regexp (@all_regexps) {
    # $regexp is interpolated into the string BEFORE eval compiles it, so a
    # value containing "|" can break out of m|...| and run arbitrary Perl code
    eval "foreach (\@data) { push (\@matches, \$_) if m|$regexp|o; }";
}
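The two safe patterns the answers above describe, the list-form pipe open that bypasses the shell and plain in-Perl matching with no string eval, as an added example that is not part of the original FAQ (the function names and the temporary sample file are constructed here):

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempfile);

# Shell-free grep: the list form of open() forks and execs grep directly,
# so shell metacharacters in $pattern are never interpreted. "-e" keeps a
# pattern that starts with "-" from being parsed as a grep option.
sub safe_grep {
    my ($pattern, $file) = @_;
    open(my $grep, '-|', 'grep', '-e', $pattern, '--', $file)
        or die "cannot run grep: $!";
    my @matches = <$grep>;
    close($grep);   # exit status 1 only means "no match", so no die here
    chomp @matches;
    return @matches;
}

# Matching inside Perl never touches the shell and needs no string eval.
# Interpolating the user's string into qr// treats it as a regex (it cannot
# run code, but may be malformed); \Q...\E treats it as a literal string.
sub match_lines {
    my ($pattern, $literal, @lines) = @_;
    my $re = $literal ? qr/\Q$pattern\E/ : eval { qr/$pattern/ };
    die "rejected malformed pattern: $@" unless defined $re;
    return grep { $_ =~ $re } @lines;
}

# Constructed sample data, not taken from the FAQ.
my ($fh, $file) = tempfile(UNLINK => 1);
print $fh "alice\nbob\n-dash\n";
close $fh;

# Input full of shell metacharacters is just a literal pattern to grep.
my @hits = safe_grep('bob; echo INJECTED', $file);
print scalar(@hits), " hit(s) for the hostile-looking pattern\n";

# A pattern beginning with "-" is still a pattern, not a grep option.
print join(',', safe_grep('-dash', $file)), "\n";

my @data = ('alice', 'bob');
print join(',', match_lines('b.b', 0, @data)), "\n";   # regex match
print join(',', match_lines('b.b', 1, @data)), "\n";   # literal match
eval { match_lines('b(', 0, @data) };                  # malformed regex
print "malformed pattern was rejected, not executed\n" if $@;
```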