Re: Secuirty Hole In Older Perl Installs...

[chris () FAST-AG DE (Christian Groessler)]

  On 3/11/97 8:41:23 AM krobson () USA NET wrote:
  > Hi Folks,
  >
  > Recently I have installed a couple of the distributions of Perl 5.001
  from Hip onto NT boxes. Unfortunately Perl updates the system global
  > variables and does the following to your path:-
  >
  > PATH=.;c:\perl;%PATH%
  >
  > As you can see this makes it extremely easy to create trojan horse type
  attacks as it usually ensures that your current directory is read before
  > any system directories, etc.
  >

  AFAIK, unter DOS and NT you always have "." implicilty at the beginning
  of your PATH variable.
  The dot in the PATH variable above is redundant.

  regards
  chris