in reply to Re: Insecure CPAN module in taint mode
in thread Insecure CPAN module in taint mode
Thank you - that explains exactly where the problem is...
Would this be a sensible way to untaint $ENV{'PATH'} without losing the portability of the code and without introducing huge security risks?
my $path = $ENV{'PATH'}; $ENV{'PATH'} = undef; foreach my $p(split /:/, $path) { if ($p =~ m!^(/(usr|bin).*)!) { $ENV{'PATH'} .= ':' if $ENV{'PATH'}; $ENV{'PATH'} .= $1; } }
In Section
Seekers of Perl Wisdom