Ken Williams wrote:
>
> Stas Bekman <[EMAIL PROTECTED]> wrote:
>
>> According to perlsec manpage this is what should be done:
>>
>> $ENV{'PATH'} = '/bin:/usr/bin';
>> delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
>>
>> hence in this particular case the patch should be:
>>
>> local %ENV;
>> delete @ENV{ qw(PATH IFS CDPATH ENV BASH_ENV) };
>
>
>
> I'm a little late, but I just read this thread now. Using local() to save
> a temporary copy of the entire hash seems wasteful, because all you need to
> do is get rid of a few entries temporarily. You can do this instead:
> local @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV', 'PATH'};
> $ENV{'PATH'} = '/bin:/usr/bin';
nice, committed :)
this is still nicer, as it does the split at compile time :
qw(PATH IFS CDPATH ENV BASH_ENV)
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:[EMAIL PROTECTED] http://apachetoday.com http://eXtropia.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
