>>I think the first thing to lookat is how PHP builds the jail. >> > > two different issues, no? one is about normal cgi/registry scripts > and the other about accessing areas of the server through the API. > > but yes, registry scripts would need some sort of protection as well.
I cannot see where registry scripts differ from handlers, from the access to internals point of view. Once you run under mod_perl it doesn't matter what you do. You've to have protection at the startup (loading user's modules) and at any point at run time, be it a handler or a registry script. _____________________________________________________________________ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://ticketmaster.com http://apacheweek.com http://singlesheaven.com http://perl.apache.org http://perlmonth.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
