perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Carothers <m...@telepath.com>
Subject Re: bogus taint error?
Date Mon, 03 Jul 2000 15:49:15 GMT


On Sun, 2 Jul 2000, Michael Blakeley wrote:

> This is just plain weird. My last resort was to turn taint off:
> 
> $ ls -l logs/httpd.pid
> -rw-rw-rw-   1 root     other          6 Jul  2 19:23 logs/httpd.pid
> $ grep -i taint conf/httpd.conf
> #PerlTaintCheck On
> $ ls -l conf/httpd.conf
> -rw-r--r--   1 root     other       7437 Jul  2 17:22 conf/httpd.conf
> 
> I'm not including any sort of startup.pl file. So taint is off, right?

Is the script running setuid or setgid?  If the script's real and effective
uids or gids don't match, perl enables taint mode automatically.  You might
add some debugging code to verify that $< == $> and $( == $).

- Matt


Mime
View raw message