On Sat, 2008-03-22 at 15:12 +0100, Stefan Fritsch wrote: > On Monday 18 February 2008, Jack Bates wrote: > > I guess it'd be too complicated to ask for mod_env and suEXEC to > > cooperate, so if a user deliberately sets PERL5LIB in a .htaccess > > file, suEXEC passes it to the Perl CGI? > > This would require suexec to parse .htaccess files. This is not > something we want. What about parsing a system config file (like suPHP parses /etc/suphp/suphp.conf) listing "safe" environment variables? > BTW, you can set PERL5LIB in the BEGIN block of your perl cgi scripts. > I don't see why this needs to be done in the .htaccess. The BEGIN block doesn't work for me because I'm running an application (Koha: http://koha.org/) with more than 100 scripts. Adding BEGIN blocks to each script isn't viable... Thanks for your suggestion, Jack
Attachment:
signature.asc
Description: This is a digitally signed message part