Marvin, Have you tried this from the docs?:
UNTAINT You must use this option whenever you use Perl's -T switch, for taint checking. This option tells Inline to blindly untaint all tainted variables. It also turns on SAFEMODE by default. See the UNTAINT shortcut below. SAFEMODE Perform extra safety checking, in an attempt to thwart malicious code. This option cannot guarantee security, but it does turn on all the currently implemented checks. There is a slight startup penalty by using SAFEMODE. Also, using UNTAINT automatically turns this option on. If you need your code to start faster under -T (taint) checking, you'll need to turn this option off manually. Only do this if you are not worried about security risks. See the UNSAFE shortcut below. Patrick On 7/6/05, Marvin Humphrey <[EMAIL PROTECTED]> wrote: > Greets, > > I've got a whole bunch of stuff in Kinosearch rewritten in Inline C, > and it's going great! But there's a snag. When I run my cgi script > in with -T to enable taint mode, Apache bombs out with an internal > server error: > > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] Insecure > dependency in require while running with -T switch at blib/lib/ > Inline.pm (autosplit into blib/lib/auto/Inline/find_temp_dir.al) line > 1247. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] BEGIN failed-- > compilation aborted at /usr/local/lib/perl5/site_perl/5.8.5/Search/ > Kinosearch/KSearch/ResultSet.pm line 1088. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] Compilation > failed in require at /usr/local/lib/perl5/site_perl/5.8.5/Search/ > Kinosearch/QueryParser.pm line 6. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] BEGIN failed-- > compilation aborted at /usr/local/lib/perl5/site_perl/5.8.5/Search/ > Kinosearch/QueryParser.pm line 6. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] Compilation > failed in require at (eval 3) line 3. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] > \t...propagated at /usr/local/lib/perl5/5.8.5/base.pm line 85. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] BEGIN failed-- > compilation aborted at /usr/local/lib/perl5/site_perl/5.8.5/Search/ > Kinosearch/KSearch.pm line 6. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] Compilation > failed in require at /usr/local/www/cgi-bin/uscon_search.cgi line 9. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] BEGIN failed-- > compilation aborted at /usr/local/www/cgi-bin/uscon_search.cgi line 9. > [Wed Jul 06 17:20:37 2005] [error] [client 24.21.47.23] Premature end > of script headers: uscon_search.cgi > > If I have done what I intended to do, no information from a web form > makes it into the C portion of the Kinosearch engine. The idea was > that the search query that you enter determines the data that gets > sucked off disk and chewed by Inline C, but the formdata itself stays > in Perl, making it a lot harder to exploit any security holes. It's > possible that I've overlooked something, but is there another > explanation for the error? > > Marvin Humphrey > Rectangular Research > http://www.rectangular.com/ > > -- ===================== Patrick LeBoutillier Laval, Québec, Canada
