it came from my program reading a configuration file. When Taint Check (-T in perl or PerlSwitches +T
or TaintCheck On in httpd.conf) is turned on, any file handle is thought to be tainted.
In this case, I knew my script is reading a READ-ONLY configuration file. I used the
IO::Handle::untaint(*MYINPUTFILE) to remove the trouble. Hopfully, this may help the
next person who run into similar situation.
It looks that you have to be careful when using the taint check.
It would be better to put into the doc somewhere saying if you turn on taint and saw the error message
ModPerl::Registry: Insecure dependency
The go back to your source code and read Perl Security Section of any Perl Book carefully.
Kemin
********************************************************************** Proprietary or confidential information belonging to Ferring Holding SA or to one of its affiliated companies may be contained in the message. If you are not the addressee indicated in this message (or responsible for the delivery of the message to such person), please do not copy or deliver this message to anyone. In such case, please destroy this message and notify the sender by reply e-mail. Please advise the sender immediately if you or your employer do not consent to e-mail for messages of this kind. Opinions, conclusions and other information in this message represent the opinion of the sender and do not necessarily represent or reflect the views and opinions of Ferring. **********************************************************************
-- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
