Hi All,
We update the perl from 5.8.8 to 5.10.1 in AIX,
when we use perl debug with taint mode using -dT then we are getting
following error
Insecure dependency in eval while running with -T switch at
/usr/opt/perl5/lib/5.10.1/aix-thread-multi/File/Glob.pm line 96.
we are not getting any error if we use perl-5.8.8
Just for testing i did this change
# diff -cr Glob.pm.bak Glob.pm
*** Glob.pm.bak Sun Oct 12 00:56:58 2008
--- Glob.pm Sun Oct 12 05:44:19 2008
***************
*** 89,94 ****
--- 89,99 ----
require Carp;
Carp::croak($error);
}
+ if ($val =~ /^(\d+)$/) {
+ $val = $1; # $data now untainted
+ } else {
+ die "Bad data in '$val'"; # log this somewhere
+ }
eval "sub $AUTOLOAD { $val }";
goto &$AUTOLOAD;
}
and debugger was able to run the command but again i got the insecure
dependency error in
/usr/opt/perl5/lib/5.10.1/aix-thread-multi/IO/File.pm for open call in open
subroutine
when used c command.
Has anyone come across such situation or any suggestion on workaround would
be very helpful
--
Thanks & Regards,
Sangamesh
