On Wed, Nov 28, 2001 at 04:31:07PM -0800, Kenny Smith wrote:
> Hello,
>
> I'm using mod_perl as a replacement for CGI. We are getting strange behavior
> where $ENV{'REMOTE_USER'} isn't being set correctly.
>
> The script is protected by an .htaccess type of authentication, so when I
> log in as 'kenny', $ENV{'REMOTE_USER'} should be equal to 'kenny'. However,
> every once in awhile, $ENV{'REMOTE_USER'} will be equal to someone else's
> login name, even though I'm still logged in as 'kenny' when I execute the
> script. Does that make sense?
>
> This system was working fine for 2 months or more, but recently the number
> of users and the load on the machine has increased, and we have started
> seeing the problem.
>
> My theory is that %ENV is shared between requests and user 'bob' is
> executing the script in the middle of my execution and $ENV{'REMOTE_USER'}
> is getting overwritten in my execution with 'bob'. I believe the script is
> taking longer to execute due to the load time which increases the window of
> opportunity for REMOTE_USER to be clobbered.
>
> Software involved:
>
> apache 1.3.12
> mod_perl 1.24
> solaris 5.7
> perl 5.005_03
I believe that we fixed an environment corruption bug (at least for the
DSO case, possibly static) sometime right after 1.24 was released.
--
Daniel Jacobowitz Carnegie Mellon University
MontaVista Software Debian GNU/Linux Developer
