With regard to yesterday's "Cryptic errors -simple Apache::Registry
script ??? (newbie)" post, I have discovered some more information. Not
that it clarifies my understanding of the error much.
By hacking (process of elimination) I have discovered that when I turn
off taint checking in my httpsd.conf the script (helloworld.pl) runs and
produces no errors. On 634 of the eagle book, it says that
PerlTaintCheck will activate taint checks on ... user provided data ...
dangerous functions such as exec(), eval(), and system(). This seems
like a wise precaution.
I don't see where the user name is getting execed, evaled, or supplied
to a system call. Can anyone explain this to my pea brain?
Also, What would I have to do with the parameter value to make mod_perl
think I had "untainted" the value?
John Walker
_________________________
Special Projects Manager, JSW4.NET
[EMAIL PROTECTED]
http://www.jsw4.net/
