Click here to get back home

mod_perl
 HomeNewsGroups | Search | About
Login Password
Register Now!
 comp.lang.perl.modules    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
mod_perl Jim Carlock 10-13-2008
`--> Re: mod_perl Big and Blue10-13-2008
Get Chitika Premium
Posted by Jim Carlock on October 13, 2008, 3:18 pm
Please log in for more thread options

: The first method, which I did not document at the following link,
: involves setting some keys to use the Perl.exe (executable) to
: run all .pl files and it requires a line inside ALL .pl documents
: to point where to the executable Perl.exe. And I did get that to
: work, but that's not the route I took as I'm more into getting
: mod_perl to run ALL files with the appropriate extension. And I
: believe I'm successful in this regards. But the PerlTaintCheck
: I've not quite figured out yet. Any suggestions?
:
: http://www.microcosmotalk.com/tech/mod_perl/

I'm prepared to state that mod_perl does NOT use and can NOT use
PertTaintCheck. I need some comfirmation from others before I make
this claim. It appears that Apache uses PerlTaintCheck to call
Perl.exe with specific parameters. But before I claim that to be
true, does anyone know what's going on? Is anyone else here
interested in this topic? I'm just going to crosspost this.

mod_perl is installed as follows in my httpd.conf file...

<snip file="httpd.conf">
# mod_perl 5.8 build
# LoadFile "C:/Program Files/ActiveState/Perl/bin/perl58.dll"

# mod_perl 5.10 build
LoadFile "C:/Program Files/ActiveState/Perl/bin/perl510.dll"
LoadModule perl_module modules/mod_perl.so

# ...
# ...
# other Apache directives
# ...
# ...

<IfModule alias_module>
<IfModule mime_module>
# ...
# ...
# ...

<Files ~ "\.(pl|plx)$">
# DefaultType text/html # This DOES NOT work/commented out
SetHandler perl-script
Options ExecCGI
PerlHandler ModPerl::Registry
PerlSendHeader On
# PerlTaintCheck On # This does NOT work/commented out
# PerlWarn On # This does NOT work/commented out
</Files>
</IfModule>
</IfModule>

# ...
# ...
# ...
</snip>

--
Jim Carlock
Vote Ralph Nader
(George Bush Groupies: Sarah Palin And John McCain Say So)
http://www.votenader.org/


Posted by Big and Blue on October 13, 2008, 7:22 pm
Please log in for more thread options

Jim Carlock wrote:

>
> I'm prepared to state that mod_perl does NOT use and can NOT use
> PertTaintCheck.

Should be fairly easy to confirm. Just write some code that would fail
taint checking and load it into mod_perl at Apache startup. Then look
for errors. If there are some it works, if there aren't it doesn't.

> It appears that Apache uses PerlTaintCheck to call
> Perl.exe with specific parameters.

??? I only ever use Unix/Linux with mod_perl so may be barking up the
wrong tree here, but why would perl.exe be involved? I'd expect it to
be using the shared library (perl*.dll) rather then any executable.




--
Just because I've written it doesn't mean that
either you or I have to believe it.

Similar ThreadsPosted
CGI.pm and ModPerl::Registry December 21, 2007, 11:20 pm
modperl and apache handlers December 28, 2004, 5:38 am
CPAN conflict issue - CGI.pm vs ModPerl::Registry September 25, 2006, 12:42 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap