perl-modperl-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sbek...@hyperreal.org
Subject cvs commit: modperl/t/net/perl file.pl
Date Tue, 12 Oct 1999 09:35:52 GMT
sbekman     99/10/12 02:35:50

  Modified:    t/net/perl file.pl
  Log:
  Removed the taint problem that was triggered before and thus made the
  'make test' failed on t/modules/file with:
  
  Insecure dependency in require while running with -T switch at (eval 164)
  line 3
  
  by setting the $ENV{'PATH'} = '/bin:/usr/bin'; as suggested by perlsec man
  page and moving it and the 'require Apache::File' into BEGIN block
  
  Revision  Changes    Path
  1.6       +5 -1      modperl/t/net/perl/file.pl
  
  Index: file.pl
  ===================================================================
  RCS file: /export/home/cvs/modperl/t/net/perl/file.pl,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- file.pl	1999/04/07 03:34:39	1.5
  +++ file.pl	1999/10/12 09:35:48	1.6
  @@ -9,7 +9,11 @@
       return;
   }
   
  -require Apache::File;
  +BEGIN{
  +  # untaint $ENV{PATH}
  +  $ENV{'PATH'} = '/bin:/usr/bin';
  +  require Apache::File;
  +}
   print "1..6\n";
   my $fh = Apache::File->new;
   my $i = 0;
  
  
  

Mime
View raw message