> =item BINARY (0)
> =item ASCII (1)
> =item EBCDIC (2)
> =item UTF_8 (3)
> =item UTF_32 (4)
> =item NATIVE_1 (5) through NATIVE_3 (7)
A little more complex, but why not use bits 3-7 as actual flags:
7|6|5|4|3|2|1|0
0 0 0 0 1 x x x = UTF && UTF_8
0 0 0 1 1 x x x = UTF && UTF_32
x x 1 0 1 x x x =
Dear Hong,
This was actually a reply to a posted link for a C/C++ replacement GC
(http://www.hpl.hp.com/personal/Hans_Boehm/gc/), not the default GC from any
particular C package.
Grant M.
I agree about the CGI stuff, as the username should always be the same
anyway, so it can be defined separately for that user. I do believe that we
need to at least take CGI scripts into account, however.
Some questions:
1.> you wrote: "Generally speaking we ought to have the capability to us
I just went through the Java Document quickly, and came up with these notes.
The document is pretty old, so I'll go over the security section in my Java2
book over the weekend. Some of these may actually change my original doc. I'll
update it as I get a chance. ('SecMgr' is short for Security Mana
#
# PerlSec.txt - Early definition of a Perl security model
# Grant Mongardi 02/23/2001
#
# Description:
#This file contains general thoughts and ideas for a
#Security model for Perl. It would likely be builtin
#to the binary, and would be a PERL run-time loaded
#confi
That's somewhat along the lines that I'm thinking. It would have to be
Perl-core. I was also thinking from the standpoint of command-line stuff as
well (there are any number of ways to launch perl that aren't relative to cgi).
As far as the Java Model, I plan on taking a look at it over the wee
I actually have some ideas:
(Apache was a bad example. Sendmail would probably be a better model.)
o Scripts are only executable if listed in 'perl.cf'
o Web/CGI scripts are listed in 'cgi.cf'
o Other specific conditionals(?):
o Execute if $ENV{REMOTE_USER}/$user is defined/valid
Just curious, has anyone ever had any discussion regarding a 'security-aware'
Perl model? Some issues have recently ended up on my desk, and I been having
some preliminary thoughts on the subject. It would be nice to be able to set
some rules for what Perl is allowed to do on a server without havi