58 lines
1.6 KiB
Plaintext
58 lines
1.6 KiB
Plaintext
---+ Package =TWiki::Sandbox=
|
|
|
|
This object provides an interface to the outside world. All calls to
|
|
system functions, or handling of file names, should be brokered by
|
|
this object.
|
|
|
|
|
|
%TOC%
|
|
|
|
---++ ClassMethod *new* <tt>($os,$realOS)</tt>
|
|
|
|
Construct a new sandbox suitable for $os, setting
|
|
flags for platform features that help. $realOS distinguishes
|
|
Perl variants on platforms such as Windows.
|
|
|
|
|
|
|
|
---++ StaticMethod *untaintUnchecked* <tt>($string) -> $untainted</tt>
|
|
|
|
Untaints $string without any checks (dangerous). If $string is
|
|
undefined, return undef.
|
|
|
|
The intent is to use this routine to be able to find all untainting
|
|
places using grep.
|
|
|
|
|
|
|
|
---++ StaticMethod *normalizeFileName* <tt>($string) -> $filename</tt>
|
|
|
|
Errors out if $string contains filtered characters.
|
|
|
|
The returned string is not tainted, but it may contain shell
|
|
metacharacters and even control characters.
|
|
|
|
|
|
|
|
---++ StaticMethod *sanitizeAttachmentName* <tt>($fname) -> ($fileName,$origName)</tt>
|
|
|
|
Given a file name received in a query parameter, sanitise it. Returns
|
|
the sanitised name together with the basename before sanitisation.
|
|
|
|
Sanitisation includes filtering illegal characters and mapping client
|
|
file names to legal server names.
|
|
|
|
|
|
|
|
---++ ObjectMethod *sysCommand* <tt>($template,@params) -> ($data,$exit)</tt>
|
|
|
|
Invokes the program described by $template
|
|
and @params, and returns the output of the program and an exit code.
|
|
STDOUT is returned. STDERR is THROWN AWAY.
|
|
|
|
The caller has to ensure that the invoked program does not react in a
|
|
harmful way to the passed arguments. sysCommand merely
|
|
ensures that the shell does not interpret any of the passed arguments.
|
|
|
|
|