Russ Allbery <r...@debian.org> writes: > Jonathan Yu <jonathan.i...@gmail.com> writes: > >> How to fix them? Write Perl scripts, and turn on taint checking -- >> that fixes the four issues above, because it makes the script exit if >> any of them look dangerous. Env::Sanctify::Auto is a Perl module that >> automatically cleans up the paths. >> >> My advice: >> 1. Write scripts that might be run as root (or setuid root) using Perl >> 2. Turn on taint checking >> 3. Consider using Env::Sanctify::Auto (shameless plug) > > I would really prefer that people not start writing maintainer scripts > in Perl as a matter of course. Perl is harder to analyze for programs > like lintian than shell scripts (which are already hard enough). > > -- > Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
Not to mention humans. :) MfG Goswin -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org