Re: CDPATH and shell scripts

[Mike Hommey <mh@glandium.org>]

On Thu, Jul 02, 2009 at 02:26:21PM -0700, Russ Allbery wrote:
> Jonathan Yu <jonathan.i.yu@gmail.com> writes:
> 
> > How to fix them? Write Perl scripts, and turn on taint checking --
> > that fixes the four issues above, because it makes the script exit if
> > any of them look dangerous. Env::Sanctify::Auto is a Perl module that
> > automatically cleans up the paths.
> >
> > My advice:
> > 1. Write scripts that might be run as root (or setuid root) using Perl
> > 2. Turn on taint checking
> > 3. Consider using Env::Sanctify::Auto (shameless plug)
> 
> I would really prefer that people not start writing maintainer scripts
> in Perl as a matter of course.  Perl is harder to analyze for programs
> like lintian than shell scripts (which are already hard enough).

I wonder, do dpkg unset these variables when running maintainer scripts?
That could be a good idea if it doesn't already.

Mike