[Cascavel-pm] Erro estranho no Perl v5.8.6

Quinta Agosto 4 15:53:10 PDT 2005

Esse erro é frescura do PERL ou é alguma coisa na instalaçao???

fiz assim para arrumar

$ENV{PATH} = '';

$cat = `/bin/cat /usr/local/squid/logs/access.log | /usr/bin/awk \'{print \$3":.:"\$4":.:"\$6":.:"\$7":.:"\$10"<br>"}\' | /usr/bin/grep $ip`;

e funcionou.

(aleluia depois de 4 dias apanhando para isso, LOL)

[]'s Douglas
  ----- Original Message ----- 
  From: Vinicius Alves 
  To: Cascavel Perl Mongers 
  Sent: Thursday, August 04, 2005 8:37 PM
  Subject: Re: [Cascavel-pm] Erro estranho no Perl v5.8.6

  Sammuel,

  Você tem que "limpar" suas varáveis de ambiente:

    $ENV{'PATH'} = '/bin:/usr/bin';
    delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};

  Veja http://www.perl.com/doc/manual/html/pod/perlsec.html para mais informações.

  []´s
  Vinicius

    ----- Original Message ----- 
    From: Sammuel de Souza 
    To: Cascavel Perl Mongers 
    Sent: Thursday, August 04, 2005 7:18 PM
    Subject: Re: [Cascavel-pm] Erro estranho no Perl v5.8.6

    Fiz como vc falou

    fiz um script menor para ver se resolvo o problema.

    coloquei 

    use diagnostics;

    Codigo
    #!/usr/bin/perl

    use diagnostics;

    use CGI;

    my $query = new CGI;

    print $query->header;

    $impr = `/bin/cat /usr/local/www/cgi-bin/aa.log`;

    print "teste: $impr";

    quando acesso via Internet explorer veja o httpd-error.log

    Insecure $ENV{PATH} while running setuid at
            /usr/local/www/cgi-bin/sam.cgi line 11 (#1)
        (F) You can't use system(), exec(), or a piped open in a setuid or
        setgid script if any of $ENV{PATH}, $ENV{IFS}, $ENV{CDPATH},
        $ENV{ENV}, $ENV{BASH_ENV} or $ENV{TERM} are derived from data
        supplied (or potentially supplied) by the user.  The script must set
        the path to a known value, using trustworthy data.  See perlsec.

    Uncaught exception from user code:
            Insecure $ENV{PATH} while running setuid at /usr/local/www/cgi-bin/sam.cgi line 11.
     at /usr/local/www/cgi-bin/sam.cgi line 11

    Agora qnd digit via prompt veja

    #  ./sam.cgi

    ele executa normal...

    Server version: Apache/1.3.33 (Unix) PHP/5.0.4 mod_perl/1.29

    o que esta acontecendo???

    []'s Douglas

----------------------------------------------------------------------------

    _______________________________________________
    Cascavel-pm mailing list
    Cascavel-pm em pm.org
    http://mail.pm.org/mailman/listinfo/cascavel-pm 

----------------------------------------------------------------------------

    No virus found in this incoming message.
    Checked by AVG Anti-Virus.
    Version: 7.0.338 / Virus Database: 267.10.1/64 - Release Date: 4/8/2005

------------------------------------------------------------------------------

  _______________________________________________
  Cascavel-pm mailing list
  Cascavel-pm em pm.org
  http://mail.pm.org/mailman/listinfo/cascavel-pm
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: http://mail.pm.org/pipermail/cascavel-pm/attachments/20050804/c9ab5b69/attachment-0001.html