Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked
 
PerlMonks  

Re: having horrors untainting a path string for moving a file

by virtualsue (Vicar)
on Mar 14, 2006 at 18:39 UTC ( #536668=note: print w/ replies, xml ) Need Help??


in reply to having horrors untainting a path string for moving a file

Insecure $ENV{PATH} while running with -T switch at move.cgi line 148

This error message is trying to tell you to tighten down the $PATH environment setting. What I do is set $ENV{PATH} to '' (clear it) and use a known _absolute_ path for every external program being executed. /bin/mv, /bin/rm, etc. Taint is trying to protect you from being easy prey for a trojan horse attack.


Comment on Re: having horrors untainting a path string for moving a file

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://536668]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (13)
As of 2015-07-29 14:25 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (263 votes), past polls