perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject RE: Insecure $ENV{PATH} while running with -T at Mail/Mailer/
Date Fri, 30 Apr 2004 17:29:58 GMT
Hi Stas,

sorry for not replying - too much pressure at work and 
I have to finish my mod_perl-script (a Continuus trigger) 
tonight. I don't have time to install Apache::Reload, 
but I've tried  to create a test case for you - running:

package Testcase;

        delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
        $ENV{PATH} = '/bin:/usr/bin:/usr/lib';

use Apache;
use Apache::Constants qw(OK);
use Mail::Mailer qw(sendmail);
use strict;

sub handler
    my $r = shift;

        #$ENV{PATH} = '/bin:/usr/bin:/usr/lib';
        my $sendmail = Mail::Mailer->new();
        unless ($sendmail->open({From    => '',
                                 To      => '',
                                 Subject => 'Test case',
                                })) {
            print "Can not send mail: $!\n";
            $r->log_error("Can not send mail: $!");
            return OK;
        print $sendmail "Test case\n";

        #open my $MAILX, "|/usr/bin/mailx -r afarber -s 'Test case' afarber"
                #or die "Can not open pipe to /usr/bin/mailx: $!\n";
        #print $MAILX "Test case\n";
        #close $MAILX or die "Can not close pipe to /usr/bin/mailx: $!\n";

    return OK;


gives me the error:

[Fri Apr 30 19:21:22 2004] [notice] SIGHUP received.  Attempting to restart
[Fri Apr 30 19:21:23 2004] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 configured -- resuming
normal operations
[Fri Apr 30 19:21:23 2004] [notice] Accept mutex: fcntl (Default: fcntl)
[Fri Apr 30 19:23:14 2004] [error] Insecure $ENV{PATH} while running with -T switch at /nokia/apps/tww/@sys/perl580p/lib/5.8.0/Mail/Mailer/
line 16.

Yes, I'm using Apache::StatINC:

 PerlModule Apache::StatINC
 PerlModule Testcase
 <Location /testcase>
  SetHandler perl-script
  PerlHandler Testcase
  PerlInitHandler Apache::StatINC
  PerlSetVar StatINCDebug On

I believe it's not Mail::Mailer's problem, as I tried opening 
a pipe to mailx (see the code above) and have got the same error:

Apache::StatINC: process 421 reloading
[Fri Apr 30 19:26:27 2004] [error] Insecure $ENV{PATH} while running with -T switch at /appl/continuus/ccm-5.1-SunOS/gscm/lib/
line xx.

I've workarounded my problem by moving the line 

        $ENV{PATH} = '/bin:/usr/bin:/usr/lib';

from the BEGIN block into the handler sub, right before I call

        my $sendmail = Mail::Mailer->new();

So it looks to me, that it's a problem of mod_perl 
or maybe of the Apache::StatINC


> -----Original Message-----
> From: ext Stas Bekman []
> wrote:
> > 
> > I've forgotten to mention it, but I have already tried
> > 
> > BEGIN {
> >         delete @ENV{qw(PATH IFS CDPATH ENV BASH_ENV)};
> >         $ENV{PATH} = '/bin:/usr/bin';
> > }
> Alex, please show me a complete minimal test case. You might 
> be able to reproduce it by dropping the whole Mail::Mailer and just 
> using a line similar to where it fails: exec( $exe, '-t', @$args );
> e.g. exec ("/bin/echo", "hi"); 
> I believe. If it doesn't work, use Mail::Mailer but give me a complete 
> (minimal) module which still fails. Otherwise it's hard to 
> reproduce it, since 
> you only show part of it.
> Also does the problem go away when you don't use the 
> reloader? It's been ages since I last used StatINC, why does it print:
>    Apache::StatINC: process 4933 reloading
> did you enable the debug mode or something. Does it happen 
> during the reload or after it was reloaded. I suppose it was after it was 
> reloaded. could it be that Mail::Mailer redefines $ENV{PATH} in its code? check 
> what's the value that you get before you call the code that fails.

Report problems:
Mail list info:
List etiquette:

View raw message