Running {/usr/bin/rsh case3 /usr/sbin/ping n0s30243.dnilab.cs.boeing.com 5 &|}
[Tue Sep 11 09:01:13 2007] 7: Insecure dependency in piped open while running setgid at /dev/fd/7 line 195.
####
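#--------------------- untaint the shell command -----------------------------------------#
# --- untaint the $nnm argument
# $nnm ends up on an rsh command line, so only a complete, well-formed host
# name may pass.  Both patterns are anchored with \A and \z and every literal
# dot is escaped.  The previous unanchored patterns let "." match any single
# character, and "^case3.*" accepted arbitrary trailing text (shell
# metacharacters included) as long as the value started with "case3".
# A value that merely contains an allowed name is now rejected instead of
# being silently cut down to the matching part.
if ($nnm =~ /\A([a-z]+ms1\.[nkth][sxev]\.(?:cs\.)?boeing\.com)\z/
    || $nnm =~ /\A(case3[A-Za-z0-9.\-]*)\z/)
{
    # $1 belongs to whichever pattern matched; it is the untainted copy.
    $nnm = $1;
}
else
{
    # NOTE(review): the rejected value is echoed into the page as-is;
    # HTML-escape it (or leave it out) before printing.
    print h3("NNM tainted: $nnm\n");
    die;
}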
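# --- untaint the $command argument
# The pattern needs a capture group.  Without one, $1 is undefined after a
# successful match, so "$command = $1" discarded the validated command
# instead of producing an untainted copy of it.
# NOTE(review): whitespace and "/" are both allowed, so any path plus any
# number of arguments passes this check; confirm that this is as narrow as
# the callers permit, or compare against a fixed list of commands.
# Patterns tried earlier: /^([-\@\w.]+)$/ and m#^([\w\.\-/]+)$#
if ($command =~ /\A([\w\s.\-\/]+)\z/)
{
    $command = $1;
}
else
{
    # NOTE(review): the rejected value is echoed into the page as-is;
    # HTML-escape it (or leave it out) before printing.
    print h3("command tainted: $command");
    # Debugging aid only: the match above failed, so these captures are
    # whatever an earlier successful match left behind.
    print li($1);
    print li($2);
    print li($3);
    print li("$4\n");
    die;
}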
# --- untaint the $debug argument
# Only word characters, dots, hyphens and slashes are accepted; on success
# the captured text replaces the original value.
# NOTE(review): an empty or undefined $debug fails this check and aborts
# the request -- confirm that is intended when debugging is switched off.
if ($debug =~ m{^([\w\.\-/]+)$})
{
    $debug = $1;
}
else
{
    die h3("debug tainted: $debug\n");
}
#-----------------------------------------------------------------------------------------#
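# Run the remote command and collect everything it prints.
# NOTE(review): $cmd is not assembled in this excerpt.  It has to be built
# from $nnm and $command *after* they have been untainted; a string put
# together from the raw values stays tainted, and the piped open is then
# refused with "Insecure dependency in piped open".
# NOTE(review): this is a two-argument open, so the shell parses the whole
# of $cmd.  Where the command can be split into a program and its arguments,
# the list form open(FH, '-|', $program, @args) keeps the shell out of it.
open(RSH, $cmd) || die "Failed to run {$cmd}: $!";

# Read from the RSH handle: a bare "while ()" never reads anything and
# never terminates.
while (<RSH>)
{
    $result .= "$_\n";
    push(@lines, $_);
}

# close() on a pipe returns false when the child exited with a non-zero
# status, so a failed remote command no longer goes unnoticed.
close(RSH) || warn "Command {$cmd} did not finish cleanly (status $?): $!";

# NOTE(review): the remote output is printed into the page unescaped.
if ($debug)
{
    print hr;
    print br;
    print i("Result: {" . $result . "}");
}
# @lines in string concatenation yields the number of lines read.
print br("Lines returned: (" . @lines . ")");
print Dumper(@lines);
print br, "------------", p;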
####
# Redirect STDERR to the page.
# carpout() is called inside BEGIN so that it is already in effect while the
# rest of the script is compiled.  Passing STDOUT sends warn/die text to the
# browser with the normal output.
# NOTE(review): those messages carry script paths, line numbers and rejected
# input values; for anything but debugging, point carpout() at a log file.
BEGIN {
use CGI::Carp qw(carpout);
carpout(\*STDOUT);
}
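# Turn off output buffering
$| = 1;

# Remove the environment variables that change how a shell runs commands.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
#delete $ENV{'PATH'},$ENV{'IFS'}, $ENV{'CDPATH'}, $ENV{'BASH_ENV'};

# PATH entries are separated by ":".  With ";" the whole string was one
# directory name, so neither /usr/bin nor /usr/sbin was on the search path.
$ENV{'PATH'} = '/usr/bin:/usr/sbin';

# Set real UID to effective UID (dncms instead of oracle) so that rsh works
# NOTE(review): only the UID is reconciled here.  The logged error says
# "while running setgid", which suggests the real and effective GID differ
# as well -- confirm whether $( and $) need the same treatment.
$< = $>;

# Verify script is setuid by checking that dncms is executing
my $uid = getpwnam('dncms');

# getpwnam() returns undef for an unknown account; stop with a clear message
# instead of comparing the real UID against undef.
defined $uid
    or die "Error - cannot look up user dncms\n";

if ($< != $uid)
{
    die "Error - $0 must be run as dncms $uid $<\n";
}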