On Wed, Jun 21, 2023 at 12:36 PM Derek Martin <[email protected]> wrote: > > On Tue, Jun 20, 2023 at 03:39:59PM -0500, Derek Martin wrote: > > My script exactly demonstrates the point I made: You can't > > compromise a script (or other program) in the manner you described > > when it takes care on its own behalf that its PATH is set up properly.
I haven't noticed anyone calling out the issue of where interpreters are installed. Do I put #!/bin/perl or #!/usr/bin/perl or maybe /opt/bin/perl at the top of my Perl script. I vaguely recall some incantation that you can use (maybe involving env?) to grovel through your PATH and find the interpreter, but from other messages on the list that sounds like a potential security problem. Bill Bogstad P.S. It looks like the man page for env on my Linux system has an example of the incantation necessary, but it still looks like a security risk. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
