summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Bugzilla.pm3
-rw-r--r--Bugzilla/CGI.pm18
-rwxr-xr-xchecksetup.pl14
-rw-r--r--globals.pl26
4 files changed, 22 insertions, 39 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm
index 349b05f5f..a100c0cff 100644
--- a/Bugzilla.pm
+++ b/Bugzilla.pm
@@ -59,6 +59,9 @@ use constant SHUTDOWNHTML_EXIT_SILENTLY => [
# Global Code
#####################################################################
+# Some environment variables are not taint safe
+delete @::ENV{'PATH', 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
# If Bugzilla is shut down, do not allow anything to run, just display a
# message to the user about the downtime and log out. Scripts listed in
# SHUTDOWNHTML_EXEMPT are exempt from this message.
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index bc2d39b99..b578b617c 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -45,6 +45,24 @@ use Bugzilla::Config;
# We need to disable output buffering - see bug 179174
$| = 1;
+# Ignore SIGTERM and SIGPIPE - this prevents DB corruption. If the user closes
+# their browser window while a script is running, the webserver sends these
+# signals, and we don't want to die half way through a write.
+$::SIG{TERM} = 'IGNORE';
+$::SIG{PIPE} = 'IGNORE';
+
+# The following subroutine is for debugging purposes only.
+# Uncommenting this sub and the $::SIG{__DIE__} trap underneath it will
+# cause any fatal errors to result in a call stack trace to help track
+# down weird errors.
+#sub die_with_dignity {
+# use Carp; # for confess()
+# my ($err_msg) = @_;
+# print $err_msg;
+# confess($err_msg);
+#}
+#$::SIG{__DIE__} = \&die_with_dignity;
+
# CGI.pm uses AUTOLOAD, but explicitly defines a DESTROY sub.
# We need to do so, too, otherwise perl dies when the object is destroyed
# and we don't have a DESTROY method (because CGI.pm's AUTOLOAD will |die|
diff --git a/checksetup.pl b/checksetup.pl
index 7e7f7b4e1..f5380e22e 100755
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -1500,24 +1500,12 @@ import Bugzilla::User qw(insert_new_user);
require Bugzilla::Bug;
import Bugzilla::Bug qw(is_open_state);
-# globals.pl clears the PATH, but File::Find uses Cwd::cwd() instead of
-# Cwd::getcwd(), which we need to do because `pwd` isn't in the path - see
-# http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2001-09/msg00115.html
-# As a workaround, since we only use File::Find in checksetup, which doesn't
-# run in taint mode anyway, preserve the path...
-my $origPath = $::ENV{'PATH'};
-
# Use the Bugzilla utility library for various functions. We do this
# here rather than at the top of the file so globals.pl doesn't define
# localconfig variables for us before we get a chance to check for
-# their existence and create them if they don't exist. Also, globals.pl
-# removes $ENV{'path'}, which we need in order to run `which mysql` above.
+# their existence and create them if they don't exist.
require "globals.pl";
-# ...and restore it. This doesn't change tainting, so this will still cause
-# errors if this script ever does run with -T.
-$::ENV{'PATH'} = $origPath;
-
###########################################################################
# Check Database setup
###########################################################################
diff --git a/globals.pl b/globals.pl
index 9d47c6d78..64d35f303 100644
--- a/globals.pl
+++ b/globals.pl
@@ -67,32 +67,6 @@ use Date::Parse; # For str2time().
# Use standard Perl libraries for cross-platform file/directory manipulation.
use File::Spec;
-
-# Some environment variables are not taint safe
-delete @::ENV{'PATH', 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
-
-# Cwd.pm in perl 5.6.1 gives a warning if $::ENV{'PATH'} isn't defined
-# Set this to '' so that we don't get warnings cluttering the logs on every
-# system call
-$::ENV{'PATH'} = '';
-
-# Ignore SIGTERM and SIGPIPE - this prevents DB corruption. If the user closes
-# their browser window while a script is running, the webserver sends these
-# signals, and we don't want to die half way through a write.
-$::SIG{TERM} = 'IGNORE';
-$::SIG{PIPE} = 'IGNORE';
-
-# The following subroutine is for debugging purposes only.
-# Uncommenting this sub and the $::SIG{__DIE__} trap underneath it will
-# cause any fatal errors to result in a call stack trace to help track
-# down weird errors.
-#sub die_with_dignity {
-# use Carp; # for confess()
-# my ($err_msg) = @_;
-# print $err_msg;
-# confess($err_msg);
-#}
-#$::SIG{__DIE__} = \&die_with_dignity;
# XXXX - this needs to go away
sub GenerateVersionTable {