From: Jarkko Hietaniemi <jhi@iki.fi>
Date: Sun, 25 May 2003 18:51:00 +0000 (+0000)
Subject: Run external commands only with localized sanitized $ENV{PATH}.
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=18c8aed301fbcf003fca115a36b4b7ae503d99b6;p=p5sagit%2Fp5-mst-13.2.git

Run external commands only with localized sanitized $ENV{PATH}.

p4raw-id: //depot/perl@19621
---

diff --git a/ext/Sys/Hostname/Hostname.pm b/ext/Sys/Hostname/Hostname.pm
index efc8d38..632ea9b 100644
--- a/ext/Sys/Hostname/Hostname.pm
+++ b/ext/Sys/Hostname/Hostname.pm
@@ -72,6 +72,8 @@ sub hostname {
   else {  # Unix
     # is anyone going to make it here?
 
+    local $ENV{PATH} = '/usr/bin:/bin:/usr/sbin:/sbin'; # Paranoia.
+
     # method 2 - syscall is preferred since it avoids tainting problems
     # XXX: is it such a good idea to return hostname untainted?
     eval {