diff options
| author | Steve Bennett <steveb@workware.net.au> | 2021-09-01 13:37:54 +1000 |
|---|---|---|
| committer | Steve Bennett <steveb@workware.net.au> | 2025-07-16 09:34:08 +1000 |
| commit | 3786590cd13b33e84ba585bf8b1802c68f7d1176 (patch) | |
| tree | e00268e2dcd31235823e237bf192938621fc523a | |
| parent | 63058f6ff20a3dddcce00d18dbd476ddc4c78d7c (diff) | |
| download | jimtcl-3786590cd13b33e84ba585bf8b1802c68f7d1176.zip jimtcl-3786590cd13b33e84ba585bf8b1802c68f7d1176.tar.gz jimtcl-3786590cd13b33e84ba585bf8b1802c68f7d1176.tar.bz2 | |
jim_tcl.txt: Document taint support
Signed-off-by: Steve Bennett <steveb@workware.net.au>
| -rw-r--r-- | jim_tcl.txt | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/jim_tcl.txt b/jim_tcl.txt index 68bca4c..4da4a7a 100644 --- a/jim_tcl.txt +++ b/jim_tcl.txt @@ -62,6 +62,7 @@ Changes since 0.83 #. Add support for `regexp -expanded` and `regsub -expanded` #. `vwait` now accepts a script argument #. Add support for `os.umask` +#. Add `taint` support for improved data security Changes between 0.82 and 0.83 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -3048,6 +3049,9 @@ The legal +'option'+'s (which may be abbreviated) are: procedure. An empty dictionary is returned if the procedure has no static variables. ++*info tainted* 'str'+:: + Returns 1 if the value is tainted, or 0 if not. + +*info version*+:: Returns the version number for this version of Jim in the form +*x.yy*+. @@ -4589,6 +4593,12 @@ The following are identical except the first immediately replaces the current ca proc sub_cmd2 ... ---- +taint +~~~~~ ++*taint* 'varname'+ + +Set "taint" on the value contained in the given variable. + tell ~~~~ +*tell* 'fileId'+ @@ -4755,6 +4765,12 @@ An error occurs if any of the variables doesn't exist, unless '-nocomplain' is specified. The '--' argument may be specified to stop option processing in case the variable name may be '-nocomplain'. +untaint +~~~~~~~ ++*untaint* 'varname'+ + +Remove "taint" from the value contained in the given variable. + upcall ~~~~~~~ +*upcall* 'command ?args ...?'+ @@ -5168,6 +5184,15 @@ This command returns an empty string. will be returned instead. Although this is designed for normal files and those should be used in blocking mode. ++$handle *taint source|sink ?0:n?*+:: + Sets the taint characteristics of the channel. Data read from + the channel will have a taint value as set by +'source'+, while + a check will be made against data written to the channel against + the +'sink'+ value. If the taint of the data and the channel + match, the operation will fail. By default, channels created + by `open` are not tainted while channels created by `socket` + have both set to 1. + +$handle *tell*+:: Returns the current seek position or -1 if the channel is not seekable. |