Resubmitted with modified comments.
Normally on VMS, the equivalent to /tmp is usually private to the logged
in user, as such is it not usually world writable.
When this test is run with a world writable temp directory, it does not
pass because the tainting on DCL$PATH is not checked.
This is a TODO issue on VMS.
-John
wb8...@qsl.net
Personal Opinion Only
--- /rsync_root/perl/t/op/taint.t Mon Feb 16 09:09:07 2009
+++ t/op/taint.t Tue Feb 17 19:34:20 2009
@@ -219,7 +219,13 @@
test eval { `$echo 1` } eq '';
test $@ =~ /^Insecure \$ENV{DCL\$PATH}/, $@;
SKIP: {
- skip q[can't find world-writeable directory to test DCL$PATH], 2
+
+ # DCL$PATH is not specifically checked by perl on VMS when
+ # running the test programs, so tainting it is not going to be
+ # noticed. So for now, this test is not valid.
+
+ skip q[TODO DCL$PATH tainting is not checked by perl], 2;
+ skip q[can't find world-writeable directory to test DCL$PATH], 2
unless $tmp;
$ENV{'DCL$PATH'} = $tmp;
