@@ -274,14 +274,17 @@ default.
274274
275275For "Insecure C<$ENV{PATH}>" messages, you need to set C<$ENV{'PATH'}> to
276276a known value, and each directory in the path must be absolute and
277- non-writable by others than its owner and group. You may be surprised to
278- get this message even if the pathname to your executable is fully
279- qualified. This is I<not> generated because you didn't supply a full path
280- to the program; instead, it's generated because you never set your PATH
281- environment variable, or you didn't set it to something that was safe.
282- Because Perl can't guarantee that the executable in question isn't itself
283- going to turn around and execute some other program that is dependent on
284- your PATH, it makes sure you set the PATH.
277+ non-writable by others than its owner and group. Notice that, at least on
278+ Unix-like environments, an empty component of the PATH may be interpreted
279+ as if it were C<.> (the local directory), which will also trigger this
280+ message. You may be surprised to get this message even if the pathname
281+ to your executable is fully qualified. This is I<not> generated because
282+ you didn't supply a full path to the program; instead, it's generated
283+ because you never set your PATH environment variable, or you didn't set
284+ it to something that was safe. Because Perl can't guarantee that the
285+ executable in question isn't itself going to turn around and execute some
286+ other program that is dependent on your PATH, it makes sure you set the
287+ PATH.
285288
286289The PATH isn't the only environment variable which can cause problems.
287290Because some shells may use the variables IFS, CDPATH, ENV, and
0 commit comments