Remove PATH overriding code in ikiwiki script that was present to make perl taint checking happy, but taint checking is disabled.
parent
b3aadbf0bd
commit
5c6c0813ca
|
@ -3,6 +3,8 @@ ikiwiki (3.20100832) UNRELEASED; urgency=low
|
||||||
* needsbuild hook interface changed; the hooks should now return
|
* needsbuild hook interface changed; the hooks should now return
|
||||||
the modified array of things that need built. (Backwards compatability
|
the modified array of things that need built. (Backwards compatability
|
||||||
code keeps plugins using the old interface working.)
|
code keeps plugins using the old interface working.)
|
||||||
|
* Remove PATH overriding code in ikiwiki script that was present to make
|
||||||
|
perl taint checking happy, but taint checking is disabled.
|
||||||
|
|
||||||
-- Joey Hess <joeyh@debian.org> Tue, 07 Sep 2010 12:08:05 -0400
|
-- Joey Hess <joeyh@debian.org> Tue, 07 Sep 2010 12:08:05 -0400
|
||||||
|
|
||||||
|
|
|
@ -7,3 +7,12 @@ This makes it a little hard to specify which specific binaries should be used, e
|
||||||
$ENV{PATH}="$ENV{PATH}:/usr/local/bin:/usr/bin:/bin:/opt/local/bin";
|
$ENV{PATH}="$ENV{PATH}:/usr/local/bin:/usr/bin:/bin:/opt/local/bin";
|
||||||
|
|
||||||
? The alternative is of course to patch ikiwiki as suggested in the bug, but I wanted to ask here first :)
|
? The alternative is of course to patch ikiwiki as suggested in the bug, but I wanted to ask here first :)
|
||||||
|
|
||||||
|
> You can use the ENV setting in your setup file to set any environment
|
||||||
|
> variables you like. Since ikiwiki.cgi is run by the web browser, that
|
||||||
|
> is the best way to ensure ikiwiki always runs with a given variable set.
|
||||||
|
>
|
||||||
|
> As a suid program, the ikiwiki wrappers have to sanitize the environment.
|
||||||
|
> The ikiwiki script's own sanitization of PATH was done to make perl taint
|
||||||
|
> checking happy, but as taint checking is disabled anyway, I have removed
|
||||||
|
> that. [[done]] --[[Joey]]
|
||||||
|
|
|
@ -1,7 +1,4 @@
|
||||||
#!/usr/bin/perl
|
#!/usr/bin/perl
|
||||||
$ENV{PATH}="/usr/local/bin:/usr/bin:/bin";
|
|
||||||
delete @ENV{qw{IFS CDPATH ENV BASH_ENV}};
|
|
||||||
|
|
||||||
package IkiWiki;
|
package IkiWiki;
|
||||||
|
|
||||||
use warnings;
|
use warnings;
|
||||||
|
|
Loading…
Reference in New Issue