Hi all (but mostly Brian),
Whan running Inline::Java with UNTAINT, I came across this kind of error.
Insecure directory in $ENV{PATH} while running with -T switch at
/usr/local/perl56/lib/perl5/5.6.0/Cwd.pm line 85, <DATA> line 310.
Is this an error that I should try to overcome? I think it means that the
users PATH is insecure, (i.e. contains directories that can be written to by
others), and I dont think there's much the application can do about that...
This error comes from the fact that Cwd::cwd() in fact uses `pwd`, which use
PATH. I also look at PATH to call 'make' and to locate use the Java
binaries.
I has able to bypass the error by dissecting PATH and finding the binary I'm
looking for and calling it with an absolute path. I don't get the error, but
it's not more secure...
Thanks,
Patrick LeBoutillier
SITA Montreal
[EMAIL PROTECTED]
