James Taylor
I've created a very simple web-based perldoc interface that
simply passes the options and arguments the user enters to
perldoc via the shell, but before I release it I'd like to ask
if anyone is aware of any security issues with perldoc that I
should defend against. I know little about perldoc's many
options or whether they are abusable and would really appreciate
some pointers. For instance, it's not clear to me whether it
would be possible to use some of perldoc's more esoteric options
to write to another file, or execute another file even.
Of course, there are shell-related security issues too. Those
that come to mind are semicolons, pipes, and I/O redirectors.
I therefore remove most punctuation characters from the user
input before passing it to the shell with a tr:
$query =~ tr/- _A-Za-z0-9:"'//cd;
I have left colons so people can look up modules, and quote marks
so people can quote phrases to look up in the FAQ. This should
allow most of the common perldoc references given in this group
to be looked up, but would exclude interesting regexes. However,
if I can be a little less paranoid and allow more without
sacrificing security that would be good too.
Can anyone offer me general guidance?
I can post source code if that would be useful. It's only 78 lines.
Thanks.
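An added example, not James's script: instead of stripping characters and still going through the shell, validate each request against an allowlist and hand the arguments to perldoc directly with a list-form pipe open, so no shell ever sees the user's text. The mode names, the regexes, the 80-character limit and the fixed PATH are my own choices.

```perl
#!/usr/bin/perl
# Hardened perldoc wrapper: user text never passes through a shell.
# Added example; mode names and validation rules are assumptions, not the
# poster's code.
use strict;
use warnings;

# Explicit allowlist of what the web form may ask for, mapped to the
# perldoc options actually needed. Any other option is unreachable, and
# every regex starts with a word character, so a query can never begin
# with a dash and be parsed as an option.
my %MODE = (
    page => { opts => [],     re => qr/\A[A-Za-z_]\w*(?:::\w+)*\z/ },  # perlre, Foo::Bar
    func => { opts => ['-f'], re => qr/\A[a-z_]\w*\z/ },              # sprintf, open
    faq  => { opts => ['-q'], re => qr/\A\w+(?:[ -]\w+)*\z/ },         # how do I
);

# Validate, then run perldoc with a list-form pipe open (no shell).
# Returns (text, undef) on success or (undef, error_message) otherwise.
sub run_perldoc {
    my ($mode, $query) = @_;
    my $m = $MODE{$mode} or return (undef, "unknown mode");
    return (undef, "query too long") if length($query) > 80;
    return (undef, "query rejected") unless $query =~ $m->{re};

    local $ENV{PATH} = '/usr/bin:/bin';   # do not inherit the web server's PATH
    # -T: write to STDOUT with no pager; -t: plain-text output instead of nroff.
    my @cmd = ('perldoc', '-T', '-t', @{ $m->{opts} }, $query);
    open(my $fh, '-|', @cmd) or return (undef, "cannot run perldoc: $!");
    my $text = do { local $/; <$fh> };
    close $fh;
    return (undef, "perldoc exited with status " . ($? >> 8)) if $?;
    return ($text, undef);
}

# In the CGI the mode and query would come from the form parameters;
# here they come from the command line for a stand-alone run.
my ($out, $err) = run_perldoc(@ARGV ? @ARGV : ('func', 'sprintf'));
print defined $out ? $out : "error: $err\n";
```

Because the argument list goes straight to exec, the only characters that matter are the ones perldoc itself interprets, which is why each mode gets its own narrow pattern rather than one shared tr filter.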