in reply to Re^2: do'.\dir\file' under -T on Windows
in thread do'.\dir\file' under -T on Windows

If a taint check for relative paths were to be added, it would throw an exception rather than setting $! to file not found.

Note that this taint check would be a departure from the current model which allows the current directory to be used. 

$ cat script.pl
#!/usr/bin/perl
print "unsafe?\n";

$ perl -T -e'$ENV{PATH}=""; system "script.pl";'
unsafe?

[download]
$ cat Mod.pm
print "unsafe?\n";
1;

$ perl -T -e'@INC = "."; require Mod;'
unsafe?

[download]

Sounds like a pretty good idea to me, though. It would break stuff, but nothing that can't be fixed.

Replies are listed 'Best First'.
Re^4: do'.\dir\file' under -T on Windows
by Anonymous Monk on Feb 26, 2009 at 07:58 UTC
    Thanks a lot,

    I sent a description/testcase to perlbug@perl.org .

    Regards, Christoph
[reply]
      Sorry,

      that anonymous was me, forgot to log in.

      Christoph
[reply]

In Section Seekers of Perl Wisdom