[Pkg-privacy-commits] [msva-perl] 301/356: Update comments for untaint.

Ximin Luo infinity0 at moszumanska.debian.org
Mon Aug 24 07:42:07 UTC 2015


This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch debian
in repository msva-perl.

commit 3af757ffd9a2f4cb2a4efd41505303be82b88e22
Author: David Bremner <bremner at debian.org>
Date:   Thu Mar 10 16:02:32 2011 -0500

    Update comments for untaint.
    
    Assume it is generally unwise, and add comments when used explaining
    why it is supposed to be OK.
---
 Crypt/Monkeysphere/Keyserver.pm | 5 +++++
 Crypt/Monkeysphere/Util.pm      | 3 +--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/Crypt/Monkeysphere/Keyserver.pm b/Crypt/Monkeysphere/Keyserver.pm
index 9799868..c53869a 100644
--- a/Crypt/Monkeysphere/Keyserver.pm
+++ b/Crypt/Monkeysphere/Keyserver.pm
@@ -37,6 +37,11 @@ sub _get_keyserver{
 
   if (!defined($gpghome)) {
     if (exists $ENV{GNUPGHOME} and $ENV{GNUPGHOME} ne '') {
+
+      # We might be running in taint mode, but we assume that is about
+      # data coming from the network, and that the local environment
+      # is generally trustworthy.
+
       $gpghome = untaint($ENV{GNUPGHOME});
     } else {
       my $userhome=File::HomeDir->my_home;
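Review bot: The new comment above `$gpghome = untaint($ENV{GNUPGHOME});` justifies the untaint by assuming the local environment is trustworthy, but nothing in this block checks that assumption before the value is assigned to `$gpghome`. Consider naming the condition under which it holds (for example, that the process runs with the invoking user's own privileges and is not started by a less-trusted caller), or checking that GNUPGHOME names an existing directory before accepting it. As a style point, the blank lines before and after the comment inside the `if` block can be dropped so the comment sits directly on the statement it explains.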
diff --git a/Crypt/Monkeysphere/Util.pm b/Crypt/Monkeysphere/Util.pm
index d4694d5..e4c73e0 100644
--- a/Crypt/Monkeysphere/Util.pm
+++ b/Crypt/Monkeysphere/Util.pm
@@ -8,8 +8,7 @@ our @EXPORT_OK=qw(untaint);
 
 
 # use sparingly!  We want to keep taint mode around for the data we
-# get over the network.  this is only here because we want to treat
-# the command line arguments differently for the subprocess.
+# get over the network.
 sub untaint {
   my $x = shift;
   $x =~ /^(.*)$/ ;
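Review bot: With the rationale removed, the comment on `sub untaint` says to use it sparingly but no longer tells a caller what is required to use it, while the pattern in `$x =~ /^(.*)$/ ;` captures the input as-is rather than validating it. The commit message sets the rule that each use carries a comment explaining why it is supposed to be OK; state that rule here, so the requirement lives with the function and not only in the commit history. It would also help to say in the comment that the function does no checking of its own, so it is not mistaken for a sanitizer.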

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/msva-perl.git


