Please extend this check to look for insecure use of PYTHONPATH; see
discussion at:
http://lists.debian.org/debian-python/2010/11/msg00045.html
* Stefan Fritsch <[email protected]>, 2007-12-06, 22:53:
The above regexp by itself will give a false positive result for
constructs like:
if [ -n "$LD_LIBRARY_PATH" ]; then
    export LD_LIBRARY_PATH=$WINELIB:$LD_LIBRARY_PATH
else
    export LD_LIBRARY_PATH=$WINELIB
fi
Another class of false positives with the naïve regex approach is:
export LD_LIBRARY_PATH=/path/to/something:$LD_LIBRARY_PATH
cd /path/to/something/else
--
Jakub Wilk
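
Added example, not part of the original message and not lintian's own code: a line-based heuristic in Python that flags VAR=...:$VAR for LD_LIBRARY_PATH and PYTHONPATH while skipping the guarded if [ -n "$VAR" ] construct quoted above. It assumes one shell statement per line, does not attempt the second (cd) class of false positives, and the function names and sample script are constructed for illustration.

```python
import re

VARS = ("LD_LIBRARY_PATH", "PYTHONPATH")

def _patterns(var):
    ref = r'\$(?:%s\b|\{%s\})' % (var, var)
    # VAR=$VAR:... or VAR=...:$VAR leaves an empty entry (searched as the
    # current directory) when VAR was unset or empty beforehand.
    assign = re.compile(r'\b%s="?(?:%s:|[^\s;]*:%s)' % (var, ref, ref))
    # Guard forms: if [ -n "$VAR" ] ...   /   if test -n "$VAR" ...
    guard = re.compile(r'^\s*if\s+(?:\[|test)\s+-n\s+"?\$\{?%s\b' % var)
    return assign, guard

PATS = {v: _patterns(v) for v in VARS}

def find_unguarded(script):
    """Return [(line_number, variable)] for self-referencing assignments
    that are not inside the 'then' branch of a non-empty test."""
    findings = []
    stack = []  # one frame per open 'if': [guarded variable or None, in 'then' branch?]
    for no, line in enumerate(script.splitlines(), 1):
        if re.match(r'\s*if\b', line):
            guarded_var = next((v for v in VARS if PATS[v][1].match(line)), None)
            stack.append([guarded_var, True])
        elif re.match(r'\s*(?:else|elif)\b', line) and stack:
            stack[-1][1] = False      # the guard no longer holds here
        elif re.match(r'\s*fi\b', line) and stack:
            stack.pop()
        for v in VARS:
            if '${%s:+' % v in line:  # ${VAR:+:$VAR} adds nothing when VAR is empty
                continue
            guarded = any(g == v and in_then for g, in_then in stack)
            if PATS[v][0].search(line) and not guarded:
                findings.append((no, v))
    return findings

# Constructed sample: the guarded block from the message, then two PYTHONPATH lines.
SAMPLE = '''\
if [ -n "$LD_LIBRARY_PATH" ]; then
    export LD_LIBRARY_PATH=$WINELIB:$LD_LIBRARY_PATH
else
    export LD_LIBRARY_PATH=$WINELIB
fi
export PYTHONPATH=/usr/share/foo:$PYTHONPATH
export PYTHONPATH=/usr/share/foo${PYTHONPATH:+:$PYTHONPATH}
'''

if __name__ == "__main__":
    print(find_unguarded(SAMPLE))
```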