Noah Misch <noah@leadboat.com> writes:
> On Sat, Nov 20, 2021 at 07:50:02PM -0500, Tom Lane wrote:
>> What I'm inclined to do is temporarily push `dirname $PERL` onto the front
>> of PATH while running
>> PGAC_PATH_PROGS(PROVE, prove)
> Adding to PATH, even briefly, is way too brazen. You'd need to be sure that
> PATH is never searched for anything other than "prove", which is hard to
> ensure in a shell script.
Hmm. I kind of doubt that anyone would be selecting a perl in an
untrustworthy directory --- wouldn't that imply that $blackhat could
overwrite perl itself?
Still, it wouldn't be that much more trouble to write something like
if [ -x "`dirname "$PERL"`/prove" ]; then
PROVE="`dirname "$PERL"`/prove"
else
PGAC_PATH_PROGS(PROVE, prove)
fi
(this lacks some infrastructure, but you get the point).
> I'd be -1 on a back-patch and -0.7 for HEAD.
I think we need a back-patch of *something*. It's pure luck that wrasse
hasn't shown problems already. I don't want to be rediscovering this
issue a year from now when somebody back-patches some test requiring
subtests.
regards, tom lane
