> I'd have no problem if mod_perl was set up to turn off > PerlSetEnv, lit- > eral 'sub { ... }' handlers, Perl sections, and the use of > Perl modules > in non-system paths (except where ExecCGI is turned on). Maybe another approach would be to explicitly list the handlers that are allowed to be used in any given context. Kind of like 'Options', but for perl handlers. Something like 'PerlOptions', perhaps? <Location /users> PerlOptions "My::AuthHandler My::ContentHandler My::TransHandler" </Location> Michael --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
- Re: security suggestion Richard L. Goerwitz
- RE: security suggestion Christian Gilmore
- Re: security suggestion Gunther Birznieks
- Apache::VirtualHostRegistry Nigel Hamilton
- Re: Apache::VirtualHostRegistry Matthew Byng-Maddick
- Re: Apache::VirtualHostRegistry Gunther Birznieks
- Re: Apache::VirtualHostRegistry Matthew Byng-Maddick
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion Randal L. Schwartz
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion mgraham
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion Randal L. Schwartz
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion Gunther Birznieks
- Re: security suggestion Richard Goerwitz
- Re: security suggestion Gunther Birznieks
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion Gunther Birznieks
- Re: security suggestion Dave Kaufman
- Re: security suggestion Dave Kaufman