Mike Hommey writes:
> On Thu, Jul 02, 2009 at 02:26:21PM -0700, Russ Allbery wrote:
>> Jonathan Yu writes:
>>
>> > How to fix them? Write Perl scripts, and turn on taint checking --
>> > that fixes the four issues above, because it makes the script exit if
>> > any of them look dangerous. Env::
On Thu, Jul 02, 2009 at 02:26:21PM -0700, Russ Allbery wrote:
> Jonathan Yu writes:
>
> > How to fix them? Write Perl scripts, and turn on taint checking --
> > that fixes the four issues above, because it makes the script exit if
> > any of them look dangerous. Env::Sanctify::Auto is a Perl modu
On Fri, Jul 03, 2009 at 01:01:41AM +0200, Goswin von Brederlow wrote:
> As a middle ground I wouldn't mind $SHELL to unset CDPATH when it
> switches from an interactive shell to a non-interactive shell, when a
> script with #! $SHELL is executed. That one is just to damn scary.
I don't think that'
Jonathan Yu writes:
> Another option might be to break from POSIX/etc policy (I'm not sure
> where these variables are defined) and patch our command like 'cd' to
> simply ignore 'CDPATH' etc. But I suppose this would then require
> patches in all the various shells available for Debian to go aga
Jonathan Yu writes:
> On Thu, Jul 2, 2009 at 5:26 PM, Russ Allbery wrote:
>> I would really prefer that people not start writing maintainer
>> scripts in Perl as a matter of course. Perl is harder to analyze for
>> programs like lintian than shell scripts (which are already hard
>> enough).
> I
On Thu, Jul 2, 2009 at 5:44 PM, Goswin von Brederlow wrote:
> Russ Allbery writes:
>
>> Jonathan Yu writes:
>>
>>> How to fix them? Write Perl scripts, and turn on taint checking --
>>> that fixes the four issues above, because it makes the script exit if
>>> any of them look dangerous. Env::Sanc
Russ Allbery writes:
> Jonathan Yu writes:
>
>> How to fix them? Write Perl scripts, and turn on taint checking --
>> that fixes the four issues above, because it makes the script exit if
>> any of them look dangerous. Env::Sanctify::Auto is a Perl module that
>> automatically cleans up the path
On Thu, Jul 2, 2009 at 5:26 PM, Russ Allbery wrote:
> Jonathan Yu writes:
>
>> How to fix them? Write Perl scripts, and turn on taint checking --
>> that fixes the four issues above, because it makes the script exit if
>> any of them look dangerous. Env::Sanctify::Auto is a Perl module that
>> aut
Jonathan Yu writes:
> How to fix them? Write Perl scripts, and turn on taint checking --
> that fixes the four issues above, because it makes the script exit if
> any of them look dangerous. Env::Sanctify::Auto is a Perl module that
> automatically cleans up the paths.
>
> My advice:
> 1. Write s
Hi:
There are lots of variables which do nasty things.
In particular (copying this from perldoc of a module I wrote):
PATH
PATH provides a list of paths to search for executables, which
influences which commands are invoked by unqualified calls to system()
and others. This variable is particular
[...]
> So what is the right course of action here?
>
> 1) unset CDPATH in every single shell script there is?
> 2) never use relartive paths for cd in scripts?
> 3) shoot the user for doing something dumb?
> 4) disable CDPATH in /bin/sh (or is that POSIX?) or non-interactive
>scripts (would b
11 matches
Mail list logo
