lib/File/Find/taint.t

Front page | perl.perl5.porters | Postings from June 2001

Thread Next

From:

Nick Ing-Simmons

Date:

June 30, 2001 12:17

Subject:

lib/File/Find/taint.t

Message ID:

20010630191718.529.1@dromedary.ni-s.u-net.com


Someone has tidied up my hack to lib/File/Find/taint.t
but sadly result does not achieve correct result:

nick@dromedary 509$ perl -T ../lib/File/Find/taint.t
1..45
Insecure directory in $ENV{PATH} while running with -T switch at ../lib/Cwd.pm line 96.
nick@dromedary 510$    

# Remove insecure directories from PATH
my @path;
my $sep = $Config{path_sep};
foreach my $dir (split(/$sep/,$ENV{'PATH'}))
 {
  push(@path,$dir) unless (stat $dir)[2] & 0002;
 }
$ENV{'PATH'} = join($sep,@path);

My version (IIRC) used -w $dir, which was overkill (=wrong)
I assume group write is also considered insecure?


-- 
Nick Ing-Simmons
http://www.ni-s.u-net.com/

Thread Next

lib/File/Find/taint.t by Nick Ing-Simmons

Re: lib/File/Find/taint.t by Jeffrey Friedl
Re: lib/File/Find/taint.t by Jarkko Hietaniemi

Re: lib/File/Find/taint.t by Nick Ing-Simmons

nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About