Insecure dependency in open while running with -T switch

[kskkaf]

In an upload subroutine I have the following code:

open (OUTFILE, "> $root/$docfolder/$fpage") or die "Can't open output
file for write: $!";

But the error message as show in the title keeps coming up. Now that I
insist keeping the -T switch, how can I avoid the error message? Thanks
for any clue.

 

[Paul Lalli]

Subject: Insecure dependency in open while running with -T switch
In an upload subroutine I have the following code:

open (OUTFILE, "> $root/$docfolder/$fpage") or die "Can't open output
file for write: $!";

But the error message as show in the title keeps coming up. Now that I
insist keeping the -T switch, how can I avoid the error message? Thanks
for any clue.

It's telling you that one or more of $root, $docfolder, or $fpage are
tainted. That is, they came from user input or another insecure method.
You must untaint this data before using it to open a file. Untainting means
to verify, via regular expressions, that the data is what it's allowed to
be. Read
perldoc perlsec
for more information and examples.

Paul Lalli

 

[kskkaf]

It's telling you that one or more of $root, $docfolder, or $fpage are
tainted. That is, they came from user input or another insecure method.
You must untaint this data before using it to open a file. Untainting means
to verify, via regular expressions, that the data is what it's allowed to
be. Read
perldoc perlsec
for more information and examples.

Paul Lalli

Thanks Paul!