<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1505" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Sammuel,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Você tem que "limpar" suas varáveis de
ambiente:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2><!--StartFragment --><FONT face="Times New Roman"
size=3> </FONT> $ENV{'PATH'} = '/bin:/usr/bin';<BR> delete
@ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT><FONT face=Arial size=2>Veja <A
href="http://www.perl.com/doc/manual/html/pod/perlsec.html">http://www.perl.com/doc/manual/html/pod/perlsec.html</A> para
mais informações.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>[]´s</FONT></DIV>
<DIV><FONT face=Arial size=2>Vinicius</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=sammuel.souza@gmail.com href="mailto:sammuel.souza@gmail.com">Sammuel
de Souza</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=cascavel-pm@mail.pm.org
href="mailto:cascavel-pm@mail.pm.org">Cascavel Perl Mongers</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Thursday, August 04, 2005 7:18
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Re: [Cascavel-pm] Erro estranho
no Perl v5.8.6</DIV>
<DIV><BR></DIV>
<DIV><FONT face=Arial size=2>Fiz como vc falou</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>fiz um script menor para ver se resolvo o
problema.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>coloquei </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>use diagnostics;</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Codigo</FONT></DIV>
<DIV><FONT face=Arial size=2><STRONG>#!/usr/bin/perl</STRONG></FONT></DIV>
<DIV><STRONG></STRONG> </DIV>
<DIV><FONT face=Arial size=2><STRONG>use diagnostics;</STRONG></FONT></DIV>
<DIV><STRONG></STRONG> </DIV>
<DIV><FONT face=Arial size=2><STRONG>use CGI;</STRONG></FONT></DIV>
<DIV><STRONG></STRONG> </DIV>
<DIV><FONT face=Arial size=2><STRONG>my $query = new
CGI;</STRONG></FONT></DIV>
<DIV><STRONG></STRONG> </DIV>
<DIV><FONT face=Arial size=2><STRONG>print
$query->header;</STRONG></FONT></DIV>
<DIV><STRONG></STRONG> </DIV>
<DIV><FONT face=Arial size=2><STRONG>$impr = `/bin/cat
/usr/local/www/cgi-bin/aa.log`;</STRONG></FONT></DIV>
<DIV><STRONG></STRONG> </DIV>
<DIV><FONT face=Arial size=2><STRONG>print "teste:
$impr";<BR></STRONG></FONT></DIV>
<DIV><FONT face=Arial size=2><STRONG></STRONG></FONT> </DIV>
<DIV><FONT face=Arial size=2>quando acesso via Internet explorer veja o
httpd-error.log</DIV></FONT>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Insecure $ENV{PATH} while running setuid
at<BR>
/usr/local/www/cgi-bin/sam.cgi line 11 (#1)<BR> (F) You
can't use system(), exec(), or a piped open in a setuid
or<BR> setgid script if any of $ENV{PATH}, $ENV{IFS},
$ENV{CDPATH},<BR> $ENV{ENV}, $ENV{BASH_ENV} or $ENV{TERM}
are derived from data<BR> supplied (or potentially supplied)
by the user. The script must set<BR> the path to a
known value, using trustworthy data. See perlsec.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>Uncaught exception from user
code:<BR> Insecure $ENV{PATH} while
running setuid at /usr/local/www/cgi-bin/sam.cgi line 11.<BR> at
/usr/local/www/cgi-bin/sam.cgi line 11<BR></FONT></DIV>
<DIV><FONT face=Arial size=2>Agora qnd digit via prompt veja</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial><FONT size=2># ./sam.cgi</FONT></FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>ele executa normal...</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Server version: Apache/1.3.33 (Unix) PHP/5.0.4
mod_perl/1.29</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>o que esta acontecendo???</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>[]'s Douglas</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial><FONT size=2></FONT></FONT> </DIV>
<DIV><FONT face=Arial><FONT size=2></FONT><FONT
size=2></FONT> </DIV></FONT>
<P>
<HR>
<P></P>_______________________________________________<BR>Cascavel-pm mailing
list<BR>Cascavel-pm@pm.org<BR>http://mail.pm.org/mailman/listinfo/cascavel-pm
<P>
<HR>
<P></P>No virus found in this incoming message.<BR>Checked by AVG
Anti-Virus.<BR>Version: 7.0.338 / Virus Database: 267.10.1/64 - Release Date:
4/8/2005<BR></BLOCKQUOTE></BODY></HTML>