On 9/20/2012 4:36 PM, Guenter Knauf wrote:
Am 20.09.2012 16:56, schrieb Guenter Knauf:
Am 20.09.2012 16:16, schrieb Guenter Knauf:
Am 20.09.2012 16:02, schrieb Jeff Trawick:
We shouldn't have scripts which, out of the box, leak information
about the system or configuration.
ok, I change the script in a way as printenv has (make shebang
in-active);
done:
http://svn.apache.org/viewvc?rev=1388054&view=rev
from trunk/Makefile.win line 1043ff:
copy docs\cgi-examples\printenv "$(INSTDIR)\cgi-bin\printenv.pl" <.y
-awk -f <<script.awk "docs/cgi-examples/printenv" >
"$(INSTDIR)\cgi-bin\printenv.pl"
BEGIN {
if ( "perl -e \"print $$^X;\"" | getline perlroot ) {
gsub( /\\/, "/", perlroot );
print "#!" perlroot;
}
}
{
if ( $$0 !~ /^#!/ ) {
print $$0;
}
}
<<
so this is the place where the shebang gets fixed for printenv.pl thus
making it executable unless perl is not in search path ...
shouldnt we then remove this part and only copy it unchanged?
These are samples, I think they should be executable. I personally do
not like the fact that ScriptAlias is enabled by default. I think that
is as much a concern.
Regards,
Gregg
