Re^2: Variable use lib with taint (FindBin problem)

To clarify, here is a sample program with the minimal amount of code needed to recreate the problem:

#!/usr/local/bin/perl -T
use warnings;
use strict;

use FindBin qw/$Bin/;
use lib "$Bin/../lib";

use Data::Dumper;
[download]

Data::Dumper may be replaced with another module (I also tried CGI) with the same result. The error message is:

Insecure dependency in require while running with -T switch at ./test.
+cgi line 11. BEGIN failed--compilation aborted
[download]

Comment on Re^2: Variable use lib with taint (FindBin problem) Select or Download Code

Replies are listed 'Best First'.
Re^3: Variable use lib with taint (FindBin problem) by davorg (Chancellor) on Aug 17, 2004 at 15:06 UTC
You can untaint `$Bin` in a `BEGIN` block. `#!/usr/bin/perl -T use warnings; use strict; use FindBin qw/$Bin/; BEGIN { if ($Bin =~ m!([\w\./]+)!) { $Bin = $1; } else { die "Bad directory $Bin\n"; } } use lib "$Bin/../lib"; use Data::Dumper; print "Hello!!\n";` [download] -- <http://www.dave.org.uk> "The first rule of Perl club is you do not talk about Perl club." -- Chip Salzenberg	[reply] [d/l]
Re^4: Variable use lib with taint (FindBin problem) by Anonymous Monk on Aug 18, 2004 at 12:47 UTC
Thank you. That solved the problem.	[reply]