[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-modperl
Subject: Re: Trouble with mod_perl, Archive::Zip and taint mode
From: Roberto =?iso-8859-1?Q?C=2E_S=E1nchez?= <roberto () connexer ! com>
Date: 2008-05-30 1:35:56
Message-ID: 20080530013556.GC22820 () connexer ! com
[Download RAW message or body]
On Tue, May 27, 2008 at 05:48:14PM -0400, Perrin Harkins wrote:
> On Sun, May 25, 2008 at 3:45 PM, Roberto C. Sánchez
> > [Sun May 25 08:57:35 2008] [error] [asp] [11570] [error] error executing
> > code for include /var/www/templates/Photo_page_edit.tmpl: Insecure
> > dependency in open while running setgid at /usr/lib/perl/5.8/IO/File.pm
> > line 70. <--> ; compiled to SCALAR(0x91f6f24) at
> > /usr/share/perl5/Apache/ASP/Response.pm line 844. <--> ,
> > /usr/share/perl5/Apache/ASP.pm line 1521
>
> You may be seeing the same problem that these people had:
> http://mail-archives.apache.org/mod_mbox/perl-modperl/200705.mbox/%3cD4E105722D20344AA9F50C624B1C24EE0B2E1932@LDNPCMEU301VEUA.INTRANET.BARCAPINT.COM%3e
>
> If so, upgrading to Perl 5.8.8+ and mod_perl 2.0.3+ will probably fix it.
>
That was it. Etch already has Perl 5.8.8, but only mod_perl 2.0.2.
Updating to 2.0.4 cause that particular error to go away. Of course I
have a different one now, but I am working on tracking it down.
> > P.S. The server running this site is Debian Etch, so unfortunately, I
> > cannot use Archive::Extract which is included in Perl 5.10.0.
>
> Just because it's not part of the core perl libs doesn't mean you
> can't install it. This problem is probably fixable by upgrading Perl
> or mod_perl though.
>
Of course, except that if I install it, as soon as I upgrade the server
to the next Debian release, I will have a conflict. That is why I was
trying to avoid installing it "out of band", so to speak.
Thanks for the tip on the mailing list thread.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic