Re: Insecure $ENV{PATH} while running with -T switch


Perl Monk, Perl Meditation
	PerlMonks

Re: Insecure $ENV{PATH} while running with -T switch

by Corion (Patriarch)

on Feb 29, 2016 at 07:50 UTC ( [id://1156420]=note: print w/replies, xml )

Need Help??

in reply to Insecure $ENV{PATH} while running with -T switch

See perltaint. The best approach is to either avoid invoking the shell by removing the redirection or to explicitly set up $ENV{PATH} to a trusted value. In your case, likely the following will suffice:

$ENV{PATH} = '/bin:/usr/local/bin';
[download]

If the external program perl1.pl will be sending mail, maybe you also need to add the directory where the sendmail program lives to the path.

Comment on Re: Insecure $ENV{PATH} while running with -T switch Select or Download Code

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://1156420]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others browsing the Monastery: (5)

As of 2024-04-25 06:13 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found