perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Perrin Harkins" <>
Subject Re: Current working directory always "/"
Date Thu, 22 May 2008 19:39:49 GMT
On Thu, May 22, 2008 at 5:50 AM, william <> wrote:
> Btw, could you tell me how does full paths increase security ?

It prevents some attacks based on tricking your application into
working on different files.  If you don't assume a certain working
directory, you won't be compromised if someone finds a way to change

Using absolute paths is pretty common advice, e.g.:

- Perrin

View raw message