tag 588017 +upstream
thanks
On Sun, Jul 04, 2010 at 06:47:32PM +0100, Dominic Hargreaves wrote:
> I'm not going to start play severity games, but thie looks very much
> like a security bug to me.
It looks like this is a concious decision by upstream, it's even documented
in perlvar(1):
The array @INC contains the list of places that the "do EXPR",
"require", or "use" constructs look for their library files. It
initially consists of the arguments to any -I command-line switches,
followed by the default Perl library, probably /usr/local/lib/perl,
followed by ".", to represent the current directory. ("." will not be
appended if taint checks are enabled, either by "-T" or by "-t".)
--
Chris Butler <chr...@debian.org>
GnuPG Key ID: 4096R/49E3ACD3
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
