[Pkg-privacy-commits] [msva-perl] 301/356: Update comments for untaint.
Ximin Luo
infinity0 at moszumanska.debian.org
Mon Aug 24 07:42:07 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch debian
in repository msva-perl.
commit 3af757ffd9a2f4cb2a4efd41505303be82b88e22
Author: David Bremner <bremner at debian.org>
Date: Thu Mar 10 16:02:32 2011 -0500
Update comments for untaint.
Assume it is generally unwise, and add comments when used explaining
why it is supposed to be OK.
---
Crypt/Monkeysphere/Keyserver.pm | 5 +++++
Crypt/Monkeysphere/Util.pm | 3 +--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/Crypt/Monkeysphere/Keyserver.pm b/Crypt/Monkeysphere/Keyserver.pm
index 9799868..c53869a 100644
--- a/Crypt/Monkeysphere/Keyserver.pm
+++ b/Crypt/Monkeysphere/Keyserver.pm
@@ -37,6 +37,11 @@ sub _get_keyserver{
if (!defined($gpghome)) {
if (exists $ENV{GNUPGHOME} and $ENV{GNUPGHOME} ne '') {
+
+ # We might be running in taint mode, but we assume that is about
+ # data coming from the network, and that the local environment
+ # is generally trustworthy.
+
$gpghome = untaint($ENV{GNUPGHOME});
} else {
my $userhome=File::HomeDir->my_home;
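Review bot: The new comment above `$gpghome = untaint($ENV{GNUPGHOME});` states the trust assumption but not its limits, and the only checks visible before the call are `exists` and `ne ''`. Since `untaint` in Util.pm matches `/^(.*)$/`, nothing about the value is actually validated here. Consider either checking GNUPGHOME against the shape you expect (for example an absolute directory path) before untainting, or extending the comment to say under which conditions the environment is considered trustworthy, so a later reader can tell when the assumption stops holding.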
diff --git a/Crypt/Monkeysphere/Util.pm b/Crypt/Monkeysphere/Util.pm
index d4694d5..e4c73e0 100644
--- a/Crypt/Monkeysphere/Util.pm
+++ b/Crypt/Monkeysphere/Util.pm
@@ -8,8 +8,7 @@ our @EXPORT_OK=qw(untaint);
# use sparingly! We want to keep taint mode around for the data we
-# get over the network. this is only here because we want to treat
-# the command line arguments differently for the subprocess.
+# get over the network.
sub untaint {
my $x = shift;
$x =~ /^(.*)$/ ;
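Review bot: After this change the comment above `sub untaint` says only "use sparingly!" and no longer gives any criterion for when a call is acceptable. The commit message sets a rule (each use carries a comment explaining why it is supposed to be OK), so it would help to state that rule here, where a new caller will look. Separately, the result of `$x =~ /^(.*)$/ ;` is not checked in the visible lines: `.` does not match a newline, so a value containing one fails the match, and if the lines that follow use `$1` it would be left over from an earlier match. Testing the match result and failing when it does not match would close that.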
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/msva-perl.git