Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re: having horrors untainting a path string for moving a file

by virtualsue (Vicar)
on Mar 14, 2006 at 18:39 UTC ( #536668=note: print w/ replies, xml ) Need Help??


in reply to having horrors untainting a path string for moving a file

Insecure $ENV{PATH} while running with -T switch at move.cgi line 148

This error message is trying to tell you to tighten down the $PATH environment setting. What I do is set $ENV{PATH} to '' (clear it) and use a known _absolute_ path for every external program being executed. /bin/mv, /bin/rm, etc. Taint is trying to protect you from being easy prey for a trojan horse attack.


Comment on Re: having horrors untainting a path string for moving a file

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://536668]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (10)
As of 2014-07-22 21:49 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (129 votes), past polls