Re: Apache and perl CGI

To: Misko <adatrg-mlist@yahoo.com.au>
Cc: debian users <debian-user@lists.debian.org>
Subject: Re: Apache and perl CGI
From: Bogart Salzberg <webmaster@inkfist.com>
Date: Mon, 3 Dec 2007 10:09:00 -0500
Message-id: <[🔎] FBE0453C-B3F2-4791-86CC-CBCB632E5ADF@inkfist.com>
In-reply-to: <[🔎] 20071202220344.GB5137@alfa.qvirt.zxc>
References: <[🔎] 20071202220344.GB5137@alfa.qvirt.zxc>

Perl has a "taint" mode (add switch "-T" to the command line orshebang line, as in "#!/usr/bin/perl -T"). The taint mode, I think,prevents user input from being used in unsafe operations until it isfiltered by a regular expression.

Taint mode is not as comprehensive as PHP's safe mode. Type "perldocperlsec" on the command line for a good tutorial on security in Perl.


Perl also does not have a built-in "mail" function.

For timing out an HTTP request, see Apache's "Timeout" directive.

HTH

Bogart

On Dec 2, 2007, at 5:03 PM, Misko wrote:

I am starting creating pages with perl and have some question.
I want to know if perl has something similar to PHPs safe mode.
Especialy if there are some limitation for how long script can run
(PHP has usually 30 second limit) and if perl can have disabled
some features (as fsocketopen() and mail() in PHP)?

Thanks,
Misko


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org

with a subject of "unsubscribe". Trouble? Contactlistmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Apache and perl CGI
  - From: Patter <steve@patter.mine.nu>

References:
- Apache and perl CGI
  - From: Misko <adatrg-mlist@yahoo.com.au>

Prev by Date: Re: SUDO
Next by Date: Re: PII fast enough for firewall
Previous by thread: Apache and perl CGI
Next by thread: Re: Apache and perl CGI
Index(es):
- Date
- Thread