| Subject: | Module::Load::Conditional is not taint-safe with $FIND_VERSION on |
Currently, IPC::Cmd can't be easily used under taint mode because
Module::Load::Conditional does some taint-unsafe reading of files when
$FIND_VERSION is on. Here's a stack trace when running with -t:
Insecure dependency in eval while running with -t switch at
/usr/lib/perl5/site_perl/5.8.8/Module/Load/Conditional.pm line 332,
<GEN4> line 88.
at /usr/lib/perl5/site_perl/5.8.8/Module/Load/Conditional.pm line 332
Module::Load::Conditional::_parse_version() called at
/usr/lib/perl5/site_perl/5.8.8/Module/Load/Conditional.pm line 250
Module::Load::Conditional::check_install() called at
/usr/lib/perl5/site_perl/5.8.8/Module/Load/Conditional.pm line 437
Module::Load::Conditional::can_load() called at
/usr/lib/perl5/vendor_perl/5.8.8/IPC/Cmd.pm line 131
IPC::Cmd::can_use_ipc_open3() called at
/usr/lib/perl5/vendor_perl/5.8.8/IPC/Cmd.pm line 149
IPC::Cmd::can_capture_buffer() called at
/usr/lib/perl5/vendor_perl/5.8.8/IPC/Cmd.pm line 340
IPC::Cmd::run() called at t/300_bzr.t line 70