Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

mod_perl

Status
Not open for further replies.
btaber

btaber

Programmer
May 26, 2002
307
US
I have been using mod_perl lately because it speeds things up greatly. Here's the problem. I tried to execute a shell command from within a test script, ie. $me=`pwd`, but it looks like it runs as root, because I can do like ls /var and get everything and read them too. This is BAD, what happens if I get a malicious user on my system? I can't possibly look at everyone's scripts and make sure they are ok.... is there a configuration directive I am missing?

B
 
Sort by date Sort by votes
You should be able to read [tt]/var[/tt]. Just make sure that you aren't able to write to the directory. //Daniel
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

youradds
  • Locked
  • Question
mod_perl "sharing" wrong files in cache???
Replies
1
Views
104
youradds
youradds
PaulReed
  • Locked
  • Question
Installing Mod_Perl but can't find Apache/src
Replies
2
Views
64
PaulReed
PaulReed
PaulReed
  • Locked
  • Question
Looking for someone good with Apache and Mod_perl
Replies
6
Views
102
PaulReed
PaulReed
Jiminald
  • Locked
  • Question
Mod_Perl on Apache2.2
Replies
0
Views
56
Jiminald
Jiminald
widdgetz
  • Locked
  • Question
mod_perl design concept questions 1
Replies
1
Views
40
NullTerminator
NullTerminator

Part and Inventory Search

Sponsor

Back
Top