Skip Menu |

This queue is for tickets about the GraphViz CPAN distribution.

Report information
The Basics
Id: 53511
Status: resolved
Priority: 0/
Queue: GraphViz
People
Owner: Nobody in particular
Requestors: hungershausen [...] defcon-x.de
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Fri Jan 08 05:23:37 2010 hungershausen [...] defcon-x.de - Ticket created
Subject: GraphViz does not work in Taint-Mode
Date: Fri, 8 Jan 2010 11:02:44 +0100
To: bug-GraphViz [...] rt.cpan.org
From: Rainer Hungershausen <hungershausen [...] defcon-x.de>
Hello, the fine GraphViz.pm doesn't work when using it in a software that relies on the taint mode. [Fri Jan 08 10:44:55 2010] [error] Insecure $ENV{PATH} while running with -T switch at /opt/command/lib/thirdparty/lib/IPC/Run.pm line 1272.\n at /opt/command/lib/thirdparty/lib/GraphViz.pm line 1195\n The fix is rather simple: Instead of using the PATH variable from the system, write your own PATH before executing the run command. $ENV{PATH}='/usr/bin'; /usr/bin works fine for me, but some users might have the binary in other places... Best regards, Rainer Hungershausen
  Tue Jun 14 21:55:52 2011 RSAVAGE [...] cpan.org - Correspondence added
This issue is fixed in GraphViz2 V 1.00. I (Ron) have not used $ENV for anything in GraphViz2. It is used in the demos, but that should not affect you. There're won't be any further development on GraphViz.
  Tue Jun 14 21:55:53 2011 The RT System itself - Status changed from 'new' to 'open'
  Tue Jun 14 21:55:53 2011 RSAVAGE [...] cpan.org - Status changed from 'open' to 'resolved'