[Bioperl-l] CGI taint solved

Chris Fields cjfields at uiuc.edu
Wed Feb 28 08:39:24 EST 2007


That could possibly clobber any other program calls from within the  
same script (unless they reside in /usr/local/bin) since you're  
explicitly assigning PATH, not appending:

$ENV{"PATH"} = '/usr/local/bin';

gets me (printing $ENV{"PATH"}):

/usr/local/bin

whereas this:

$ENV{"PATH"} = '/usr/local/bin:' . $ENV{"PATH"};

gets me:

/usr/local/bin:/Users/cjfields/bin:/Users/cjfields/dart/bin:/usr/ 
local/mysql/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin

There's probably a File::* module that does this safely per OS flavor.

chris

On Feb 28, 2007, at 4:50 AM, Neil Saunders wrote:

> Apologies for running a one-man thread, but I realised that I've  
> now answered my
> own question regarding errors with CGI, Bio::Factory::EMBOSS and  
> taint.
>
> Given that the EMBOSS binaries are in /usr/local/bin, adding:
>
> $ENV{'PATH'} = '/usr/local/bin'
>
> near the top of the script does the trick.
>
>
> Neil
> -- 
>   School of Molecular and Microbial Sciences
>   University of Queensland
>   Brisbane 4072 Australia
>
> http://nsaunders.wordpress.com
>
> _______________________________________________
> Bioperl-l mailing list
> Bioperl-l at lists.open-bio.org
> http://lists.open-bio.org/mailman/listinfo/bioperl-l

Christopher Fields
Postdoctoral Researcher
Lab of Dr. Robert Switzer
Dept of Biochemistry
University of Illinois Urbana-Champaign





More information about the Bioperl-l mailing list