Jan Dubois wrote:
>On Thu, 16 Jun 2005, Steve Hay wrote:
>
>
>>Well, I'm really confused now.
>>
>>A simple test program shows that system("copy ...") does indeed work
>>fine, even with tainting on and $ENV{PATH} cleared (as per op/taint.t).
>>
>>
>
>Really? I think the clearing of $ENV{PATH} is the problem because Perl
>will use an unqualified "cmd.exe /x/d/c" or "command.com /c" to invoke
>the shell (it doesn't use $ENV{COMSPEC}. So if you clear $ENV{PATH}
>it will not be able to find cmd.exe.
>
Sounds sensible, however
#!perl -T
use strict;
use warnings;
$ENV{PATH} = '';
system("copy C:\\Borland\\BCC55\\Bin\\cc3250mt.dll .") && die "Error: $!";
works perfectly, copying the DLL to the current directory!
In fact, if I use system() to invoke a program that can only be found
via the PATH, e.g. "diff -v" only works when C:\cygwin\bin is in my
PATH, then I find that the system() call works fine even after I've
cleared $ENV{PATH}!
How can this be?
And why doesn't it work in t/op/taint.t?
------------------------------------------------
Radan Computational Ltd.
The information contained in this message and any files transmitted with it are
confidential and intended for the addressee(s) only. If you have received this
message in error or there are any problems, please notify the sender
immediately. The unauthorized use, disclosure, copying or alteration of this
message is strictly forbidden. Note that any views or opinions presented in
this email are solely those of the author and do not necessarily represent
those of Radan Computational Ltd. The recipient(s) of this message should
check it and any attached files for viruses: Radan Computational will accept no
liability for any damage caused by any virus transmitted by this email.
