SPUG: PERL5LIB is tainted
Kim Goldov
goldov at sounddomain.com
Mon May 22 22:46:05 CDT 2000
I have set up a test Apache server for doing development on 2 of our web
sites. One of the sites uses "require ..." statements to pull in library
functions. The library directories are pushed onto the @INC path in each CGI
script. However, our development machine has the libraries in a different
location since I am hosting two sites.
As a workaround, I decided to set PERL5LIB to the test library location in
the httpsd.conf file using the Apache directive, SetEnv. This works to set
the PERL5LIB variable, however with taint checking active in the scripts,
the PERL5LIB variable is ignored (doesn't produce a taint violation) and
does not affect the @INC path. Is there some way I can launder PERL5LIB
before perl tries to add it to the @INC path, or must I try a different
approach to solve my problem?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
POST TO: spug-list at pm.org PROBLEMS: owner-spug-list at pm.org
Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/
For Subscriptions, Email to majordomo at pm.org: ACTION spug-list EMAIL
Replace ACTION by subscribe or unsubscribe, EMAIL by your Email address
More information about the spug-list
mailing list