taint 
Author Message
 taint

I got the error: Insecure $ENV{ENV} while running with -T switch... when
running the following three lines, it seams to be a litle strange since I
use $ENV{PATH} = "/bin:/usr/bin";

#! /usr/bin/perl -Tw
$ENV{PATH} = "/bin:/usr/bin";
open (whoisHandle, "/usr/bin/whois|") or die "Can't open whois. $!";

how can I make'em secure?

- gustav

---------------------------------------------------------------------
Gustav Kristoffer Ek - Netcetera - Finsensvej 80 - 2000 Frederiksberg
tlf 38 88 32 22 / 20 40 00 05 / 38 88 20 38 ext 341 - Fax 38 88 30 38
Webdesign, Webhotel, Mailhotel, UUCP og mere http://www.*-*-*.com/



Fri, 16 Jun 2000 03:00:00 GMT  
 taint


Quote:
>I got the error: Insecure $ENV{ENV} while running with -T switch... when
>running the following three lines, it seams to be a litle strange since I
>use $ENV{PATH} = "/bin:/usr/bin";

>#! /usr/bin/perl -Tw
>$ENV{PATH} = "/bin:/usr/bin";
>open (whoisHandle, "/usr/bin/whois|") or die "Can't open whois. $!";

>how can I make'em secure?

Same way you make $ENV{PATH} secure  -  set it to a safe value, for
example

  $ENV{ENV} = '';

Mike Guy



Fri, 16 Jun 2000 03:00:00 GMT  
 
 [ 2 post ] 

 Relevant Pages 

1. Taint 0.07 > Taint 0.09 ?

2. setuid taint mode broken; perl reputation suffers

3. Taint and regexps [was: How to start your Perl CGI script]

4. Sys::Hostname, Solaris, and perhaps tainting

5. Taint and &IO::Socket::connect

6. taint check with PerlIS.dll/ISAPI (repost)

7. Equivalence (was: Is this normal taint behavior?)

8. Is this normal taint behavior?

9. perl 4 & 5 tainting bug

10. Problems installing Taint.pm

11. Tainting & Sockets Autoload problem

12. running Plexus with Perl 5.0 -- taint warnings

 

 
Powered by phpBB® Forum Software