comment on

++ Many thanks for this detailed explanation.

"... essentially a for-loop that adds predefined user-specific folders to @INC through unshift @INC, ... commands."

Given your mention of "specific implementation of cPanel", I imagine that it's not impossible for one of those predefined values to be tainted in some implementation(s). On that basis, and even if it's unlikely, it's still worth checking cPanelUserConfig to move from, as I put it, "pretty sure" to "100% certain".

Not posting your cPanelUserConfig.pm was the correct decision. I made much the same choice with not "search[ing] the web for an unofficial copy".

Changing the title, to facilitate searching for cPanelUserConfig here, was also a good move.

— Ken

In reply to Re: cPanelUserConfig Reference by kcott
in thread Insecure Dependency in Taint Mode by Bod

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.