Jonathan Yu <jonathan.i...@gmail.com> writes:

> How to fix them? Write Perl scripts, and turn on taint checking --
> that fixes the four issues above, because it makes the script exit if
> any of them look dangerous. Env::Sanctify::Auto is a Perl module that
> automatically cleans up the paths.
>
> My advice:
> 1. Write scripts that might be run as root (or setuid root) using Perl
> 2. Turn on taint checking
> 3. Consider using Env::Sanctify::Auto (shameless plug)

I would really prefer that people not start writing maintainer scripts
in Perl as a matter of course.  Perl is harder to analyze for programs
like lintian than shell scripts (which are already hard enough).

-- 
Russ Allbery (r...@debian.org)               <http://www.eyrie.org/~eagle/>


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to