Browse Source

Remove PATH overriding code in ikiwiki script that was present to make perl taint checking happy, but taint checking is disabled.

plusone
Joey Hess 10 years ago
parent
commit
5c6c0813ca
3 changed files with 11 additions and 3 deletions
  1. +2
    -0
      debian/changelog
  2. +9
    -0
      doc/bugs/ikiwiki_ignores_PATH_environment.mdwn
  3. +0
    -3
      ikiwiki.in

+ 2
- 0
debian/changelog View File

@@ -3,6 +3,8 @@ ikiwiki (3.20100832) UNRELEASED; urgency=low
* needsbuild hook interface changed; the hooks should now return
the modified array of things that need built. (Backwards compatability
code keeps plugins using the old interface working.)
* Remove PATH overriding code in ikiwiki script that was present to make
perl taint checking happy, but taint checking is disabled.

-- Joey Hess <joeyh@debian.org> Tue, 07 Sep 2010 12:08:05 -0400



+ 9
- 0
doc/bugs/ikiwiki_ignores_PATH_environment.mdwn View File

@@ -7,3 +7,12 @@ This makes it a little hard to specify which specific binaries should be used, e
$ENV{PATH}="$ENV{PATH}:/usr/local/bin:/usr/bin:/bin:/opt/local/bin";

? The alternative is of course to patch ikiwiki as suggested in the bug, but I wanted to ask here first :)

> You can use the ENV setting in your setup file to set any environment
> variables you like. Since ikiwiki.cgi is run by the web browser, that
> is the best way to ensure ikiwiki always runs with a given variable set.
>
> As a suid program, the ikiwiki wrappers have to sanitize the environment.
> The ikiwiki script's own sanitization of PATH was done to make perl taint
> checking happy, but as taint checking is disabled anyway, I have removed
> that. [[done]] --[[Joey]]

+ 0
- 3
ikiwiki.in View File

@@ -1,7 +1,4 @@
#!/usr/bin/perl
$ENV{PATH}="/usr/local/bin:/usr/bin:/bin";
delete @ENV{qw{IFS CDPATH ENV BASH_ENV}};

package IkiWiki;

use warnings;


Loading…
Cancel
Save