Re: php safe mode, perl cgi system calls

To: debian-user@lists.debian.org
Subject: Re: php safe mode, perl cgi system calls
From: "Matus \"fantomas\" Uhlar" <uhlar@fantomas.sk>
Date: Tue, 1 Oct 2002 16:56:20 +0200
Message-id: <[🔎] 20021001145620.GA965@fantomas.sk>
Mail-followup-to: "Matus \"fantomas\" Uhlar" <uhlar@fantomas.sk>, debian-user@lists.debian.org
In-reply-to: <[🔎] 02d201c26952$18fe29e0$1442a8c0@MARCO>
References: <1033048838.5563.6.camel@justin> <20020926141054.GB20304@con-fuse.org> <[🔎] 02d201c26952$18fe29e0$1442a8c0@MARCO>

-> i want to secure my apache!
-> 
-> to turn safemode in php.ini off is one thing

and not enough - you need to limit files opening (open_basedir, doc_root),
and some other stuff probably

-> what simulare things can i do to limit perl? i dont think there is any
-> simulare thing. the only way to be sure that no wrong cgi-bin is getting on
-> the server is to check each perl file and make it accessable by users
-> manually.

I am afraid you can't do it safe in perl.

I am thinking about runnign perl scripts with mod_perl and using Safe perl
module but I haven't seen it running anywhere...

-- 
 Matus "fantomas" Uhlar, uhlar@fantomas.sk ; http://www.fantomas.sk/
 Warning: I don't wish to receive spam to this address.
 Varovanie: Nezelam si na tuto adresu dostavat akukolvek reklamnu postu.
 LSD will make your ECS screen display 16.7 million colors

Reply to:

References:
- php safe mode, perl cgi system calls
  - From: "Marco Kammerer" <m.kammerer_SL@gmx.at>

Prev by Date: Re: Imap/Samba
Next by Date: Re: KDE2 helloworld.cpp
Previous by thread: php safe mode, perl cgi system calls
Next by thread: Woody - New Install Chroot Failure .. segmentation fault
Index(es):
- Date
- Thread