develooper Front page | perl.perl5.porters | Postings from October 2003

why PERL5LIB is ignored when -T is in effect

Thread Next
Stas Bekman
October 16, 2003 17:02
why PERL5LIB is ignored when -T is in effect
Message ID:
I know that the perlrun manpage says, that PERL5LIB env var (and a few others) 
are ignored when -t is in effect (and a few other cases). But I can't find any 
explanation to why this needs to be done. The perlsec manpage is not helpful 
here. Me thinking that if a malicious user can change PERL5LIB to something 
undesirable, he can do the same by running:

   perl -I/evil/dir program

I guess I miss something obvious here.

Also I think the fact that PERL5LIB is ignored with -T should be added to the 
perlsec manpage?

Thank you.

Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker     mod_perl Guide --->

Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About