The following reply was made to PR mod_cgi/3230; it has been noted by GNATS.
From: Marc Slemko <[EMAIL PROTECTED]>
To: Daniel Lenox <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: mod_cgi/3230: Insecure $ENV{PATH} while running setuid at
/home/xxx/cgi-bin/sendmail.pl
Date: Sat, 17 Oct 1998 15:54:40 -0700 (PDT)
That is fine, but it is still not an Apache issue but a perl one.
On Sat, 17 Oct 1998, Daniel Lenox wrote:
> Marc,
> Thanks for responding, the script works fine when executed
> from the command prompt, only through apache does this happen
>
> Dan
>
> [EMAIL PROTECTED] wrote:
>
> > [In order for any reply to be added to the PR database, ]
> > [you need to include <[EMAIL PROTECTED]> in the Cc line ]
> > [and leave the subject line UNCHANGED. This is not done]
> > [automatically because of the potential for mail loops. ]
> > [If you do not include this Cc, your reply may be ig- ]
> > [nored unless you are responding to an explicit request ]
> > [from a developer. ]
> > [Reply only with text; DO NOT SEND ATTACHMENTS! ]
> >
> > Synopsis: Insecure $ENV{PATH} while running setuid at
> > /home/xxx/cgi-bin/sendmail.pl
> >
> > State-Changed-From-To: open-closed
> > State-Changed-By: marc
> > State-Changed-When: Sat Oct 17 15:41:11 PDT 1998
> > State-Changed-Why:
> > This has nothing to do with Apache, but is completely a perl
> > thing. Please see the perl FAQ or documentation or ask in a
> > perl related support forum.
>
>
>
> --
> ---------------------------------------------------------------------------------
> SSIX Corporation
> Solutions, Systems and Information Technologies
>
> Website http://www.ssix.com
> weBBS http://www.ssix.com/bbs
> ---------------------------------------------------------------------------------
>
>
>
