in reply to Insecure Environment ?
Insecure $ENV{ENV} while running with -T switch at /u/beta/coampsos/COSL/COAMPSOS/lib/COAMPSOS_rmon_monitor_tools +.pm line 1496. (#1) (F) You can't use system(), exec(), or a piped open in a setuid or setgid script if any of $ENV{PATH}, $ENV{IFS}, $ENV{CDPATH}, $ENV{ENV}, $ENV{BASH_ENV} or $ENV{TERM} are derived from data supplied (or potentially supplied) by the user. The script must s +et the path to a known value, using trustworthy data. See perlsec.
|
|---|