Re: Apache and perl CGI
Perl has a "taint" mode (add switch "-T" to the command line or
shebang line, as in "#!/usr/bin/perl -T"). The taint mode, I think,
prevents user input from being used in unsafe operations until it is
filtered by a regular expression.
Taint mode is not as comprehensive as PHP's safe mode. Type "perldoc
perlsec" on the command line for a good tutorial on security in Perl.
Perl also does not have a built-in "mail" function.
For timing out an HTTP request, see Apache's "Timeout" directive.
On Dec 2, 2007, at 5:03 PM, Misko wrote:
I am starting creating pages with perl and have some question.
I want to know if perl has something similar to PHPs safe mode.
Especialy if there are some limitation for how long script can run
(PHP has usually 30 second limit) and if perl can have disabled
some features (as fsocketopen() and mail() in PHP)?
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact