Re: Apache and perl CGI
- From: Bogart Salzberg <webmaster@xxxxxxxxxxx>
- Date: Mon, 3 Dec 2007 10:09:00 -0500
Perl has a "taint" mode (add switch "-T" to the command line or shebang line, as in "#!/usr/bin/perl -T"). The taint mode, I think, prevents user input from being used in unsafe operations until it is filtered by a regular expression.
Taint mode is not as comprehensive as PHP's safe mode. Type "perldoc perlsec" on the command line for a good tutorial on security in Perl.
Perl also does not have a built-in "mail" function.
For timing out an HTTP request, see Apache's "Timeout" directive.
HTH
Bogart
On Dec 2, 2007, at 5:03 PM, Misko wrote:
I am starting creating pages with perl and have some question.
I want to know if perl has something similar to PHPs safe mode.
Especialy if there are some limitation for how long script can run
(PHP has usually 30 second limit) and if perl can have disabled
some features (as fsocketopen() and mail() in PHP)?
Thanks,
Misko
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
- Follow-Ups:
- Re: Apache and perl CGI
- From: Patter
- Re: Apache and perl CGI
- References:
- Apache and perl CGI
- From: Misko
- Apache and perl CGI
- Prev by Date: Re: SUDO
- Next by Date: Re: PII fast enough for firewall
- Previous by thread: Apache and perl CGI
- Next by thread: Re: Apache and perl CGI
- Index(es):
Relevant Pages
|
