Re: [exim-dev] Popping '.' from @INC

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Phil Pennock
Date:  
À: exim-dev
Sujet: Re: [exim-dev] Popping '.' from @INC
On 2017-02-12 at 11:30 +0100, Heiko Schlittermann wrote:
> I saw, that '.' now gets pop()ed from @INC in various Perl scripts.
>
> Is there a special reason doing so? If we'd deal with security in mind,
> we should use Perl's taint mode to make the scripts more secure.


Root invokes these scripts, often for messing with queue analysis.
Invoking them in /tmp is entirely reasonable. Other people can write to
/tmp, so letting people have code be run as root because root invoked an
Exim tool while in /tmp is poor form.

Taint mode deals with when the invoker's environment is not trusted.
It's excellent for daemons, CGIs, network protocol clients, etc. It's
less useful for CLI tools which don't talk to untrusted services. I'm
not opposed to it I just don't see the point here.

Taint mode doesn't really protect against @INC being stupid.

Other scripting languages have things like "the directory where the
script was found is also in sys.path/whatever"; AFAIK only Perl puts the
_current_ directory into @INC.

See: https://bugs.exim.org/1864