On Thu, Jul 02, 2009 at 02:26:21PM -0700, Russ Allbery wrote:
> Jonathan Yu <jonathan.i...@gmail.com> writes:
>
> > How to fix them? Write Perl scripts, and turn on taint checking --
> > that fixes the four issues above, because it makes the script exit if
> > any of them look dangerous. Env::Sanctify::Auto is a Perl module that
> > automatically cleans up the paths.
> >
> > My advice:
> > 1. Write scripts that might be run as root (or setuid root) using Perl
> > 2. Turn on taint checking
> > 3. Consider using Env::Sanctify::Auto (shameless plug)
>
> I would really prefer that people not start writing maintainer scripts
> in Perl as a matter of course. Perl is harder to analyze for programs
> like lintian than shell scripts (which are already hard enough).

I wonder, does dpkg unset these variables when running maintainer scripts?
That could be a good idea if it doesn't already.

Mike
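
A shell-side sketch of the environment hygiene discussed in this thread, as an added example that is not part of either message and is not dpkg's code. Assumptions: the thread does not list the variables, so the set used here is the one Perl's taint mode distrusts according to perlsec (PATH, CDPATH, ENV, BASH_ENV); `SAFE_PATH` and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Assumed variable set: the one perlsec documents for -T.
# IFS is not audited because POSIX shells reset it at startup instead of
# importing it; scrub_env still unsets it so later code sees the default.

# Hypothetical fixed search path for a script that runs as root.
SAFE_PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# path_problems STRING: print one line per PATH entry that resolves against
# the caller's working directory (empty or relative entries).
path_problems() {
    rest=$1:
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            '') echo "PATH has an empty entry (current directory)" ;;
            /*) ;;
            *)  echo "PATH has a relative entry: $entry" ;;
        esac
    done
}

# env_problems: audit the inherited environment without changing it.
env_problems() {
    path_problems "${PATH-}"
    for v in CDPATH ENV BASH_ENV; do
        if eval "[ -n \"\${$v+set}\" ]"; then
            echo "$v is set"
        fi
    done
    return 0
}

# scrub_env: replace the inherited values with known-good ones.
# Call it first in a script that may run as root, before any external command.
scrub_env() {
    PATH=$SAFE_PATH
    export PATH
    unset CDPATH ENV BASH_ENV IFS
}
```

Running `env_problems` before `scrub_env` in a test build shows what the caller's environment would have leaked into the script.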