On Mon, 4 Sep 2000, Michael Blakeley wrote:
I've been running with AP616 and Taint On for three days now, and it
seems to have fixed my problems. I hope so. I really hope so.
still looking good? would be good to know if this isn't a problem on the
mod_perl side :)
At 11:52 AM -0700 9/27/2000, Doug MacEachern wrote:
On Mon, 4 Sep 2000, Michael Blakeley wrote:
I've been running with AP616 and Taint On for three days now, and it
seems to have fixed my problems. I hope so. I really hope so.
still looking good? would be good to know if this isn't a
At 3:58 PM -0700 7/25/2000, Michael Blakeley wrote:
Solaris 2.6, Perl 5.6, apache 1.3.9, mod_perl 1.24.
I see intermittent Apache error_log entries like:
[Mon Jul 24 04:08:02 2000] [error] Insecure dependency in require
while running with -T switch at (eval 85) line 3.
OK, I (normally) run
I see intermittent Apache error_log entries like:
[Mon Jul 24 04:08:02 2000] [error] Insecure dependency in require
while running with -T switch at (eval 85) line 3.
...
I suspect MIME::Lite, but the code won't work if I remove it
Yes, MIME::Lite needs special treatment to be taint-safe.
At 11:03 PM + 7/26/2000, Jeremy Howard wrote:
I see intermittent Apache error_log entries like:
[Mon Jul 24 04:08:02 2000] [error] Insecure dependency in require
while running with -T switch at (eval 85) line 3.
...
I suspect MIME::Lite, but the code won't work if I remove it
I'm only passing scalar text to MIME::Lite - no file attachments, so
it shouldn't open(). Anyway, if it were, why don't I see "Insecure
dependency in open" instead of "...in require"?
Yes, good point. The open() is only used for sendmail, not for Net::SMTP
anyway.
Perhaps you need to add
Solaris 2.6, Perl 5.6, apache 1.3.9, mod_perl 1.24.
I see intermittent Apache error_log entries like:
[Mon Jul 24 04:08:02 2000] [error] Insecure dependency in require
while running with -T switch at (eval 85) line 3.
Here's what perldiag says:
Insecure dependency in %s
(F)