[Israel.pm] Removing PERLLIB additions to @INC

Oron Peled oron at actcom.co.il
Wed Jan 14 09:42:31 PST 2004


On Wednesday 14 January 2004 15:55, Yuval Kogman wrote:
> If at some point you need to have a script without tainting perhaps
> something resemblant of
> 
> #!/bin/sh -c 'unset PERL5LIB; unset PERLLIB; /usr/bin/perl $@'
> 
> (untested) may be useful.

It shouldn't work on any Unix/Linux. The sharp-bang syntax accept
a maximum of *single* argument (in your case it is the '-c').

This isn't a bug. It is needed to prevent an interesting security hole
(if arbitrary number of arguments were accepted) [... find the hole :-]

It means that something like:
    #! /bin/sh -ri
Will work, while:
    #! /bin/sh -r -i
Would run with the '-r' flag only.

Another issue is that some very old Unices (e.g: Sunos-4.x) sliently
truncated the string to 32 chars.

-- 
Oron Peled                             Voice/Fax: +972-4-8228492
oron at actcom.co.il                  http://www.actcom.co.il/~oron

He who sacrifices functionality for ease of use
Loses both and deserves neither




More information about the Perl mailing list