Remove PATH overriding code in ikiwiki script that was present to make perl taint checking happy, but taint checking is disabled.

master
Joey Hess 2010-09-07 13:47:50 -04:00
parent b3aadbf0bd
commit 5c6c0813ca
3 changed files with 11 additions and 3 deletions

2
debian/changelog vendored
View File

@ -3,6 +3,8 @@ ikiwiki (3.20100832) UNRELEASED; urgency=low
* needsbuild hook interface changed; the hooks should now return
the modified array of things that need built. (Backwards compatability
code keeps plugins using the old interface working.)
* Remove PATH overriding code in ikiwiki script that was present to make
perl taint checking happy, but taint checking is disabled.
-- Joey Hess <joeyh@debian.org> Tue, 07 Sep 2010 12:08:05 -0400

View File

@ -7,3 +7,12 @@ This makes it a little hard to specify which specific binaries should be used, e
$ENV{PATH}="$ENV{PATH}:/usr/local/bin:/usr/bin:/bin:/opt/local/bin";
? The alternative is of course to patch ikiwiki as suggested in the bug, but I wanted to ask here first :)
> You can use the ENV setting in your setup file to set any environment
> variables you like. Since ikiwiki.cgi is run by the web browser, that
> is the best way to ensure ikiwiki always runs with a given variable set.
>
> As a suid program, the ikiwiki wrappers have to sanitize the environment.
> The ikiwiki script's own sanitization of PATH was done to make perl taint
> checking happy, but as taint checking is disabled anyway, I have removed
> that. [[done]] --[[Joey]]

View File

@ -1,7 +1,4 @@
#!/usr/bin/perl
$ENV{PATH}="/usr/local/bin:/usr/bin:/bin";
delete @ENV{qw{IFS CDPATH ENV BASH_ENV}};
package IkiWiki;
use warnings;