cleanup un-taint code

script/munin-httpd

@@ -27,9 +27,6 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 use strict;
 use warnings;
 
-# Trust PERL5LIB from environment
-use lib map { /(.*)/ } split(/:/, ($ENV{PERL5LIB} || ''));
-
 package Munin::Master::Http;
 
 use HTTP::Server::Simple::CGI::PreFork;
@@ -61,7 +58,5 @@ sub handle_request
 
 package main;
 
-$ENV{PATH} = '/usr/bin:/bin';
-
 # start the server on port 4948
 Munin::Master::Http->new(4948)->run(prefork => 1, max_servers => 10);

script/munin-node

@@ -26,9 +26,6 @@
 use strict;
 use warnings;
 
-# Trust PERL5LIB from environment
-use lib map { /(.*)/ } split(/:/, ($ENV{PERL5LIB} || ''));
-
 use Getopt::Long;
 
 use Munin::Common::Defaults;
@@ -92,11 +89,6 @@ sub main
         conf_file    => $conffile,
     );
 
-    # Untaint $0 after Munin::Node::Server has had a chance of getting
-    # the original value
-    $0 =~ /([^\/]*)$/;
-    $0 = $1;
-
     return 0;
 }
 

script/munin-node-configure

@@ -32,7 +32,6 @@ my $config = Munin::Node::Config->instance();
 my @all_families     = qw/auto manual contrib/;
 my @default_families = qw/auto/;
 
-
 sub main
 {
 	parse_args();

script/munin-run

@@ -25,9 +25,6 @@
 use strict;
 use warnings;
 
-# Trust PERL5LIB from environment
-use lib map { /(.*)/ } split(/:/, ($ENV{PERL5LIB} || ''));
-
 use Getopt::Long;
 
 use Munin::Common::Defaults;
@@ -47,20 +44,8 @@ my $paranoia = 0;
 
 my $config = Munin::Node::Config->instance();
 
-
 sub main
 {
-    # "Clean" environment to disable taint-checking on the environment. We _know_
-    # that the environment is insecure, but we want to let admins shoot themselves
-    # in the foot with it, if they want to.
-    foreach my $key (keys %ENV) {
-        $ENV{$key} =~ /^(.*)$/;
-        $ENV{$key} = $1;
-    }
-
-    $0 =~ /^(.*)$/;
-    $0 = $1;
-
     my ($plugin, $arg) = parse_args();
 
     # Loads the settings from munin-node.conf.