Gunnar Hjalmarsson wrote:
> Adam Jimerson wrote:
>>> I solved my problem using the sendmail with the code below in my script:
>>>
>>> open (MAIL, "|/usr/sbin/sendmail -t ");
>>> print MAIL "From: someaddr...@somedomain\n";
>>> print MAIL "To: someaddre...@somedomain\n";
>>> print MAIL "Content-Type: text/plain\n";
>>> print MAIL "Subject: Very simple email test\n\n";
>>> print MAIL "Body of the message";
>>> close (MAIL);
>>
>> This is kind of off topic, but are you using the -T switch on your
>> script? When I tried to open "/usr/bin/mail" with that switch on I get a
>> error message about an insecure environment command.
>
> Did it just say "insecure environment"? On my box it says: "Insecure
> $ENV{PATH} ...", which means that you need to untaint the $ENV{PATH}
> variable. The easiest way to do that is:
>
> $ENV{PATH} = '';
>
> Please read more about Perl security in "perldoc perlsec".
>
I wasn't able to remember what it exactly said, but yes it is about
$ENV{PATH}, on my machine perldoc perlsec is riddled with formating problems
it looks like, here is a copy of what I mean:
"Perl automatically enables a set of special security checks, called
ESC[4mtaintESC[24
m ESC[4mmodeESC[24m,
when it detects its program running with differing real and effective
user or
group IDs. The setuid bit in Unix permissions is mode 04000, the
setgid bit mode
02000; either or both may be set. You can also enable taint mode
explicitly by
using the ESC[1m-T ESC[22mcommand line flag. This flag is
ESC[4mstronglyESC[24m sugge
sted for server" it is like that through out the whole thing, is it like
this for anyone else?
Do I need to specify anything for the $ENV{PATH} or do I just leave it
blank, sorry for asking but this might be faster then trying to decyhper the
perldoc.
--
To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org
For additional commands, e-mail: beginners-cgi-h...@perl.org
http://learn.perl.org/
