From ea2d2a47281ac947297587c2619df190bf3c23c4 Mon Sep 17 00:00:00 2001
From: "wurblzap%gmail.com" <>
Date: Sat, 21 Oct 2006 01:52:24 +0000
Subject: Bug 340538: Insecure dependency in exec while running with -T switch
 at /usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16. Patch by
 Marc Schumann <wurblzap@gmail.com>, r=LpSolit, a=myk

---
 editusers.cgi | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'editusers.cgi')

diff --git a/editusers.cgi b/editusers.cgi
index 19e7ea587..5f356fb40 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -257,14 +257,13 @@ if ($action eq 'search') {
         my @values;
 
         if ($login ne $otherUser->login) {
-            # Validate, then trick_taint.
+            # Validating untaints for us.
             $login || ThrowUserError('user_login_required');
             validate_email_syntax($login)
               || ThrowUserError('illegal_email_address', {addr => $login});
             is_available_username($login)
               || ThrowUserError('account_exists', {email => $login});
 
-            trick_taint($login);
             push(@changedFields, 'login_name');
             push(@values, $login);
             $logoutNeeded = 1;
@@ -280,9 +279,8 @@ if ($action eq 'search') {
             push(@values, $realname);
         }
         if ($password) {
-            # Validate, then trick_taint.
+            # Validating untaints for us.
             validate_password($password) if $password;
-            trick_taint($password);
             push(@changedFields, 'cryptpassword');
             push(@values, bz_crypt($password));
             $logoutNeeded = 1;
@@ -296,7 +294,6 @@ if ($action eq 'search') {
             $logoutNeeded = 1;
         }
         if ($disable_mail != $otherUser->email_disabled) {
-            trick_taint($disable_mail);
             push(@changedFields, 'disable_mail');
             push(@values, $disable_mail);
         }
-- 
cgit v1.2.3-24-g4f1b