Insecure dependency in `` while running with -T switch

fpeter has asked for the wisdom of the Perl Monks concerning the following question:

Hello All,
I am new to this forum and I would like your help in resolving an issue I have been struggling with. I have a perl script that Ineed to compile with "-T" switch.

I am getting the error "Insecure dependency in `` while running with -T switch at xxxx.pl line 1674, <STDIN> line 5." when I run the script. The relevant lines are: "

sub compileOrc
{
  my ($infile) = @_;
  my $outfile;
  my $cc_orc;
  my @res;
  
  $outfile = "$appfile.orc";
  $cc_orc = "sudo $G::PAX_CC -c -i $infile -o $outfile 2>&1";
  (@res) = `$cc_orc`;  ==> This is the one giving the error.
...
}
[download]

I have tried the following change with no change to the error:

"(@res) = map { /(\w+)/ } `$cc_orc`;  # untaint"
[download]

Your help in solving this would be greatly appreciated.

Thanks, Fatima

Comment on Insecure dependency in `` while running with -T switch Select or Download Code

Replies are listed 'Best First'.
Re: Insecure dependency in `` while running with -T switch by almut (Canon) on Jun 10, 2010 at 16:36 UTC
You need to untaint `$cc_orc` — not the results of its (attempted) backticks invocation.	[reply] [d/l]
Re^2: Insecure dependency in `` while running with -T switch by fpeter (Initiate) on Jun 10, 2010 at 17:26 UTC
Thanks much. That seemed to do the trick. - Fatima	[reply]
Re: Insecure dependency in `` while running with -T switch by JavaFan (Canon) on Jun 10, 2010 at 16:50 UTC
It could be that one of `$G::PAX_CC`, `$infile` or `$appfile` is tainted. Or one of your environment variables is tainted - for instance `$ENV{PATH}`. If the latter, either set it yourself, or use a fully qualified path to `sudo`.	[reply] [d/l] [select]