-----Original Message-----
From: Reini Urban
In our case I suggest to set the empty tainted PATH to /bin:/usr/bin
Where do we do that ?
If we do it in the test script, and the script then passes, the user will
think Inline works under -T.
The user then writes a script that runs under -T only to find it doesn't
work, because he hasn't set the empty PATH to /bin:/usr/bin (and there's no
reason that he should know that's needed).
So ... this check needs to be done in Inline.pm.
So ... at the end of sub env_untaint do we do something like:
$ENV{PATH} = '/bin:/usr/bin' unless $ENV{PATH};
(I'm assuming that, in those cases where $ENV{PATH} gets completely emptied
out, it's happening in env_untaint(). Is that right ?)
Is that a completely safe and harmless thing to do - or should we emit a
warning along the lines of "Setting empty \$PATH to '/bin:/usr/bin'" ?
and make the tests TODO.
Skipping is bad, since some user might want to use Inline C with tainted
input, and will not see new problems then
Ok - TODO will do. It's just as effective as SKIP at sweeping problems
under the carpet. (And, you're right, TODO does make it possible to detect a
change in behaviour.)
Do you mean that we make it a blanket TODO for all systems and situations ?
... or do you mean make it TODO only if $ENV{PATH} was empty ?
If it's the latter, then we need a way for t/08taint.t to detect that
Inline.pm set the empty $PATH to '/bin:/usr/bin'. (Just set a
$INLINE::path_fiddle variable to true iff we've replaced an empty $PATH with
'/bin:/usr/bin'.)
Cheers,
Rob
