mgraham wrote: > Maybe another approach would be to explicitly list the handlers that > are allowed to be used in any given context. Kind of > like 'Options', but for perl handlers. Something like 'PerlOptions', > perhaps? > > <Location /users> > PerlOptions "My::AuthHandler My::ContentHandler My::TransHandler" > </Location> That's a neat idea. The only quibble I can think of is that this doesn't go far enough. This lower level of privilege we're talking about is one in which - 1) Only specific Perl modules are available (or ones in specific paths; no literal 'sub { ... }' handlers) 2) PerlSetEnv (and PerlPassEnv?) aren't usable 3) PERL5LIB isn't changeable 4) <Perl> sections are unavailable -- Richard Goerwitz [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
- RE: security suggestion Christian Gilmore
- Re: security suggestion Gunther Birznieks
- Apache::VirtualHostRegistry Nigel Hamilton
- Re: Apache::VirtualHostRegistry Matthew Byng-Maddick
- Re: Apache::VirtualHostRegistry Gunther Birznieks
- Re: Apache::VirtualHostRegistry Matthew Byng-Maddick
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion Randal L. Schwartz
- Re: security suggestion Richard L. Goerwitz
- RE: security suggestion mgraham
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion Randal L. Schwartz
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion Gunther Birznieks
- Re: security suggestion Richard Goerwitz
- Re: security suggestion Gunther Birznieks
- Re: security suggestion Richard L. Goerwitz
- Re: security suggestion Gunther Birznieks
- Re: security suggestion Dave Kaufman
- Re: security suggestion Dave Kaufman
- RE: security suggestion Doug MacEachern