Jonathan Yu <jonathan.i...@gmail.com> writes:

> How to fix them? Write Perl scripts, and turn on taint checking --
> that fixes the four issues above, because it makes the script exit if
> any of them look dangerous. Env::Sanctify::Auto is a Perl module that
> automatically cleans up the paths.
>
> My advice:
> 1. Write scripts that might be run as root (or setuid root) using Perl
> 2. Turn on taint checking
> 3. Consider using Env::Sanctify::Auto (shameless plug)

I would really prefer that people not start writing maintainer scripts in
Perl as a matter of course. Perl is harder to analyze for programs like
lintian than shell scripts (which are already hard enough).

--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>