
<HTML>

<HEAD>

<meta name="GENERATOR" content="Microsoft Internet Assistant for PowerPoint 97">
 <TITLE>DBI security tainting</TITLE> 
</HEAD>

<BODY>

 <H1>DBI security tainting</H1> 
 <P><UL>
<LI><H2>By default the DBI ignores Perl tainting
</H2>
<UL>
<LI>doesn't taint returned data
<LI>doesn't check that parameters are not tainted
</UL>
</UL><UL>
<LI><H2>The Taint attribute enables that behaviour
</H2>
<UL>
<LI>Only takes effect if Perl itself is running in taint mode
</UL></UL><UL>
<LI><H2>Each handle has its own inherited Taint attribute
</H2>
<UL>
<LI>So it can be enabled for particular connections and disabled for particular statements, for example:
</UL><LI>
<BR>$dbh = DBI-&gt;connect(…, { Taint =&gt; 1 });
<BR>$sth = $dbh-&gt;prepare("select * from safe_table");
<BR>$sth-&gt;{Taint} = 0;  # no tainting on this handle
</UL></P>
<P></P> 
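<P>The behaviour described on this slide, as an added example that is not part of the original slides: a script run under <CODE>perl -T</CODE> that shows a tainted bind parameter being rejected, the validate-and-untaint step, tainted fetch results, and the per-statement opt-out. It assumes DBD::SQLite is installed; the <CODE>users</CODE> table, its row and <CODE>$input</CODE> are constructed sample data.</P>

```perl
#!/usr/bin/perl -T
# Added example, not from the original slides. Run as: perl -T script.pl
# Assumes DBD::SQLite is installed; table, row and $input are constructed.
use strict;
use warnings;
use DBI;
use Scalar::Util qw(tainted);

# Taint => 1 on the connection; statement handles inherit it.
my $dbh = DBI->connect("dbi:SQLite:dbname=:memory:", "", "",
    { RaiseError => 1, PrintError => 0, Taint => 1 });
$dbh->do("create table users (name text)");
$dbh->do("insert into users (name) values ('alice')");

# Stand-in for external input: appending a zero-length tainted
# string taints the whole value while perl runs with -T.
my $input = "alice" . substr("$0$^X", 0, 0);

# 1. With Taint on, DBI checks method arguments for taintedness.
my $sth = $dbh->prepare("select name from users where name = ?");
my $ok  = eval { $sth->execute($input); 1 };
print "tainted parameter: ", ($ok ? "accepted" : "rejected: $@"), "\n";

# 2. Validate the value, then untaint it via a regex capture (see perlsec).
my ($clean) = $input =~ /\A([a-z]{1,32})\z/
    or die "invalid user name\n";
$sth->execute($clean);

# 3. Data fetched through a Taint-enabled handle is itself marked tainted.
my ($name) = $sth->fetchrow_array;
$sth->finish;
print "fetched with Taint on:  ",
    (tainted($name) ? "tainted" : "not tainted"), "\n";

# 4. Per-statement opt-out, as on the slide, for data you trust.
my $safe = $dbh->prepare("select name from users");
$safe->{Taint} = 0;
$safe->execute;
my ($trusted) = $safe->fetchrow_array;
$safe->finish;
print "fetched with Taint off: ",
    (tainted($trusted) ? "tainted" : "not tainted"), "\n";

$dbh->disconnect;
```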



</Body>
</HTML>