Problem with taint
[prev]
[thread]
[next]
[Date index for 2005/05/21]
Hi,
I installed the new release of ModPerl2 today. I've not used any of the
betas previously so am not sure if the problem is specific to this
version or not. In my PerlResponseHandler I have the following code:
sub handler {
my $r = shift;
my( $path ) = $r->filename()=~/^(.*)$/;
eval{ require $path };
$r->content_type('text/plain');
if( $@ ){
$r->print($@) if $@;
} else {
$r->print("Required $path success");
}
return Apache2::Const::OK();
}
I get the following message printed out:
"Insecure dependency in eval while running setgid at
/var/www/devel/perl_modules/MyApache/Handler.pm"
Why? Everything is untainted... I'm not using suexec. I'm using
apache2-mpm-fork if that makes any difference, although I doubt it does.
I can require the module from a script using PerlRequire fine, however I
need to be able to dynamically require modules inside my
PerlResponseHandler...
Thanks,
Mike
--
Digital photo printing - http://www.fotoserve.com/
 |
Problem with taint
Mike Cardwell 10:10 on 21 May 2005
|
