Rob wrote:
> I've been following this list with the digest version for some time now
> and have started using the -T swith in all of the scripts that I write
> now. Unfortunately, I don't know how to send e-mail with the -T switch
> turned on. I would normally do it like this...
>
> open (MAIL, "|$mailprog -t"); #The script fails here
If you want to run external programs while in taint mode, set your PATH
enviroment variable to a safe minimal set of directories:
$ENV{PATH}='/bin:/usr/bin';
or even delete it if you don't need it:
delete $ENV{PATH};
For more datails, see also:
perldoc perlsec
(search for section titled "Cleaning Up Your Path")
Or better, use Mail::Sender, it doesn't need any external programs.
http://search.cpan.org/search?dist=Mail-Sender
- RaFaL Pocztarski, [EMAIL PROTECTED]
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
