In Perl, the global associative array %ENV contains the current environment variables of the process. Any manipulation of this hash directly affects the environment of the process and, accordingly, the child processes spawned via system, exec, open, etc.
Example usage:
print $ENV{"HOME"};        # Get the path to the user's home directory
$ENV{"PATH"} = "/usr/bin"; # Rewrite the PATH variable
Nuances:
%ENV immediately affect all future shell commands run from this Perl process.
undef or deleting an element removes the corresponding environment variable.
%ENV, especially in CGI or system scripts.
exists $ENV{"VAR"}.
Does the operation $ENV{"MYVAR"} = undef remove the environment variable?
Answer: No! It simply assigns the variable the value undef, but the key remains in the hash! To remove an environment variable, use delete $ENV{"MYVAR"}.
# DOES NOT remove the variable from the environment
$ENV{"FOO"} = undef;
# Correct — removes
delete $ENV{"FOO"};
Story
On a web server, when clearing the environment for security, the programmer assigned undef instead of deleting variables. The variables stayed in the environment and could be exploited by attackers, leading to command execution vulnerabilities through dangerous paths in PATH.
Story
When passing environment variables to subprocesses, old variables were never removed, causing unexpected crashes when executing third-party utilities and incorrect program behavior.
Story
In an attempt to clear the entire environment for a child process, the script simply did %ENV = ();, but without checking for the necessary variables beforehand. This caused crashes, as several services require mandatory environment keys (e.g., USER or localization variables).
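The undef-versus-delete answer and the three stories above, combined into one added example (not code from the original page): a child process reports whether it still receives FOO, and a hypothetical run_clean helper builds an allowlisted environment only after checking the required keys. The helper names, the sample values, the allowlist and the fixed PATH "/usr/bin:/bin" are assumptions for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Ask a child perl whether it received NAME (list-form pipe open, no shell).
sub child_sees {
    my ($name) = @_;
    open(my $fh, "-|", $^X, "-e",
        'print exists $ENV{$ARGV[0]} ? "present" : "absent"', $name)
        or die "cannot spawn $^X: $!";
    my $answer = <$fh>;
    close $fh;
    return $answer;
}

# Run @cmd with only allowlisted variables and a fixed PATH.
# Dies before touching %ENV if a required key is missing or empty.
sub run_clean {
    my ($required, $optional, @cmd) = @_;
    my @missing = grep { !length($ENV{$_} // "") } @$required;
    die "refusing to run, missing: @missing\n" if @missing;
    my %clean = map  { $_ => $ENV{$_} }
                grep { exists $ENV{$_} } @$required, @$optional;
    $clean{PATH} = "/usr/bin:/bin";    # assumed safe PATH for this host
    local %ENV = %clean;               # parent environment restored on return
    return system { $cmd[0] } @cmd;    # list form: no shell involved
}

# Constructed sample values standing in for an inherited environment.
$ENV{FOO}  = "constructed-value";
$ENV{USER} //= "demo";

# Assigning undef leaves the key in place; the child still receives FOO.
{ no warnings "uninitialized"; $ENV{FOO} = undef; }
print "after undef:  child sees FOO as ", child_sees("FOO"), "\n";

# delete removes the variable from the environment.
delete $ENV{FOO};
print "after delete: child sees FOO as ", child_sees("FOO"), "\n";

# The child prints only the allowlisted variables plus the fixed PATH.
my $status = run_clean([qw(USER)], [qw(LANG LC_ALL TZ)], "env");
print "env exited with status ", $status >> 8, "\n";
print "parent PATH restored: ", (defined $ENV{PATH} ? "yes" : "no"), "\n";
```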