http://qs321.pair.com?node_id=11136998


in reply to How and where to pass PERL_USE_UNSAFE_INC=1; to Perl while compilation.

I think you'd pass it as an argument to configure ./Configure ... -DPERL_USE_UNSAFE_INC=1 ... (but I'm not sure and if it's wrong somebody should correct). Another option rather than recompiling perl might be to explicitly add to the search path with something like PERL5LIB=.:$PERL5LIB in the relevant shell environment.

The cake is a lie.

Re^2: How and where to pass PERL_USE_UNSAFE_INC=1; to Perl while compilation.
by syphilis (Archbishop) on Sep 25, 2021 at 01:39 UTC
    I think you'd pass it as an argument to configure ...

    In perl5260delta.pod we find:
    "PERL_USE_UNSAFE_INC" There is a new environment variable recognised by the perl interpreter. If this variable has the value 1 when the perl interpreter starts up, then "." will be automatically appended to @INC (except under tainting). This allows you restore the old perl interpreter behaviour on a case-by-case basis. But note that this is intended to be a temporary crutch, and this feature will likely be removed in some future perl version. It is currently set by the "cpan" utility and "Test::Harness" to ease installation of CPAN modules which have not been updated to handle the lack of dot. Once again, don't use this unless you are sure that this will not reintroduce any security concerns.
    From that, I gather that you don't actually configure perl to have "." in @INC, but you instead set the environment variable PERL_USE_UNSAFE_INC to 1 in order to obtain the "unsafe" @INC.

    OTOH, we have in perlrun.pod:
    PERL_USE_UNSAFE_INC If perl has been configured to not have the current directory in @INC by default, this variable can be set to "1" to reinstate it. It's primarily intended for use while building and testing modules that have not been updated to deal with "." not being in @INC and should not be set in the environment for day-to-day use.
    And this suggests that it is possible to configure perl such that @INC is "unsafe" by default.
    I, too, would guess that would be done as Fletch proposed.

    But I couldn't locate any definitive documentation on the matter.

    UPDATE: I've just received word from the p5p list that the correct configure arg to use is -Udefault_inc_excludes_dot and that this is documented in the INSTALL file (which is located in the top level directory of the perl source distro).

    Cheers,
    Rob
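
Added example, not part of the thread: a small shell audit for the two environment-level routes mentioned above (PERL_USE_UNSAFE_INC=1 and a relative entry such as "." in PERL5LIB), plus a check of what the installed perl actually has in @INC. The function names audit_inc_env and live_inc_has_dot are hypothetical, and the PERL5LIB split assumes the Unix ":" separator.

```shell
#!/bin/sh
# audit_inc_env UNSAFE_INC_VALUE PERL5LIB_VALUE   (hypothetical helper)
# Prints one finding per line; returns 1 if anything was flagged, else 0.
# Values are passed as arguments so the check can be run against a saved
# environment (a CI job definition, a service unit) as well as the live one.
audit_inc_env() {
    unsafe=$1
    libs=$2
    rc=0
    if [ "$unsafe" = "1" ]; then
        echo "PERL_USE_UNSAFE_INC=1: '.' is appended to @INC (except under tainting)"
        rc=1
    fi
    # Any PERL5LIB entry that does not start with "/" is resolved against
    # whatever the current directory is when perl starts.
    old_ifs=$IFS
    IFS=:
    set -f                      # no globbing while splitting
    for entry in $libs; do
        case $entry in
            ''|/*) ;;           # empty or absolute: not flagged
            *) echo "PERL5LIB entry '$entry' is relative to the current directory"
               rc=1 ;;
        esac
    done
    set +f
    IFS=$old_ifs
    return $rc
}

# live_inc_has_dot (hypothetical helper)
# Asks the installed perl directly, which also covers a build configured
# with "." in @INC by default. Returns 0 if "." is in @INC, 1 if it is
# not, 2 if no perl is on PATH.
live_inc_has_dot() {
    command -v perl >/dev/null 2>&1 || return 2
    perl -e 'exit((grep { $_ eq "." } @INC) ? 0 : 1)'
}

# Audit the current shell environment; constructed inputs are in the test.
audit_inc_env "${PERL_USE_UNSAFE_INC:-}" "${PERL5LIB:-}" || true
```
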