Jump to content

Talk:Taint checking

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

A good example indeed. San25872 09:15, 25 March 2006 (UTC)[reply]

The scope of the information on this page is too restrictive, and somewhat misleading. Taint checking is not just a mechanism implemented by a few programming languages for preventing the specific class of attack listed in the article. —Preceding unsigned comment added by 76.200.191.153 (talk) 22:25, 2 August 2009 (UTC)[reply]


I always find it misleading to say that taints are associated with variables. One variable can in runtime have several different values, think for instance of a recursive function with a local variable or an implementation of a linked list with a node.value variable. To me it is the values that are tainted. Also, the sentence "The taint checking tool proceeds variable by variable until it has a complete list of all variables which are potentially influenced by outside input." sounds like it is a static technique. The list can never be "complete" if for instance some user input is affects the values in some list that grows and grows. Andreas Lundblad (talk) 07:50, 4 April 2012 (UTC)[reply]

Taint checking isn't black-listing and isn't done on variables

[edit]

I removed the part of the article that erroneously states that taint checking is black-listing. Black-listing means that the system looks for specific properties that are considered dangerous. Tainting assumes input data is dangerous unless it has some property ( created by the programmer) that makes it safe.

Also, as has been pointed out, variables aren't tainted, data is. Depending on the language (I use Perl), a variable can reference clean or tainted values. The value itself is either clean or tainted. SnappingTurtle (talk) 00:39, 3 May 2016 (UTC)[reply]

Perl 3.0 didn't have a -T switch

[edit]

This claim was introduced in revision 432026216 along with a reference to the book "Perl in a Nutshell", Second Edition, Patwardhan, Siever and Spainhour, ISBN 0596002416. But I checked the book and I don't see any mention of "perl 3" in it. (Besides, the book was written for Perl 5.8 and advertised as such in 2002; at that point perl 3.0 was ancient history and long obsolete.) So the citation does not support the claim.

I also checked the version history of perl itself (which is available online at github) and found the part of the code that processes command-line options in perl 3.0. There is no case 'T' that would implement a -T switch. Also, the official perl 3 manual (part 4) only mentions taint mode in connection with setuid scripts.