Provided by: libparanoid-perl_0.36-3_all 
NAME
Paranoid - Paranoia support for safer programs
VERSION
$Id: Paranoid.pm,v 0.36 2012/09/24 23:22:59 acorliss Exp $
SYNOPSIS
use Paranoid;
$errMsg = Paranoid::ERROR;
psecureEnv("/bin:/usr/bin");
DESCRIPTION
This collection of modules started out as modules which perform things (debatably) in a
safer and taint-safe manner. Since then it's also grown to include functionality that fit
into the same framework and conventions of the original modules, including keeping the
debug hooks for command-line debugging.
All the modules below are intended to be used directly in your programs if you need the
functionality they provide.
This module does provide one function meant to secure your environment enough to satisfy
taint-enabled programs, and as a container which holds the last reported error from any
code in the Paranoid framework.
SUBROUTINES/METHODS
psecureEnv
psecureEnv("/bin:/usr/bin");
This function deletes some of the dangerous environment variables that can be used to
subvert perl when being run in setuid applications. It also sets the path, either to the
passed argument (if passed) or a default of "/bin:/usr/bin".
Paranoid::ERROR
$errMsg = Paranoid::ERROR;
Paranoid::ERROR = $errMsg;
This lvalue function is not exported and must be referenced via the Paranoid namespace.
TAINT NOTES
Taint-mode programming can be somewhat of an adventure until you know all the places
considered dangerous under perl's taint mode. The following functions should generally
have their arguments detainted before using:
exec system open glob
unlink mkdir chdir rmdir
chown chmod umask utime
link symlink kill eval
truncate ioctl fcntl chroot
setpgrp setpriority syscall socket
socketpair bind connect
DEPENDENCIES
While this module itself doesn't have any external dependencies various child modules do.
Please check their documentation for any particulars should you use them.
SEE ALSO
The following modules are available for use. You should check their POD for specifics on
use:
o Paranoid::Args: Command-line argument parsing functions
o Paranoid::BerkeleyDB: OO-oriented BerkelyDB access with concurrent access capabilities
o Paranoid::Data: Misc. data manipulation functions
o Paranoid::Debug: Command-line debugging framework and functions
o Paranoid::Filesystem: Filesystem operation functions
o Paranoid::Glob: Paranoid Glob objects
o Paranoid::Input: Input-related functions (file reading, detainting)
o Paranoid::Lockfile: Lockfile support
o Paranoid::Log: Unified logging framework and functions
o Paranoid::Module: Run-time module loading functions
o Paranoid::Network: Network-related functions
o Paranoid::Network::IPv4: General IPv4-related functions
o Paranoid::Network::IPv6: General IPv6-related functions
o Paranoid::Network::Socket: Wrapper module for Socket & Socket6
o Paranoid::Process: Process management functions
BUGS AND LIMITATIONS
If your application is sensitive to performance issues then you may be better off not
using these modules. The primary focus was on security, robustness, and diagnostics.
That said, there's probably a lot of room for improvement on the performance front.
AUTHOR
Arthur Corliss (corliss@digitalmages.com)
LICENSE AND COPYRIGHT
This software is licensed under the same terms as Perl, itself. Please see
http://dev.perl.org/licenses/ for more information.
(c) 2005, Arthur Corliss (corliss@digitalmages.com)