Hi Michael,

Thanks for your response. Yes, I haven't ruled out the fact their being
a problem with my perl version (5.8.6) itself, I was just weary of going
to p5p too early, I know many people hate cross posts. Perhaps I can
point a link to this thread in archive and ask the perl specific
questions there.

I'm hoping tho that if I can create a small test case under mod_perl
then that opens up myself/someone-on-the-list trying it with other
combinations of perl & mod_perl.

Thanks for giving me the push of courage I probably need to approach the
p5p team.

Sagar

> -----Original Message-----
> From: Michael Peters [mailto:[EMAIL PROTECTED] 
> Sent: 29 March 2007 18:44
> To: Shah, Sagar: IT (LDN)
> Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; modperl@perl.apache.org
> Subject: Re: "Insecure dependency in eval while running setgid" error
> 
> [EMAIL PROTECTED] wrote:
> 
> > Are there any other cases? How does perl handle the special 
> case above,
> > is there some magical variable 
> $let_regexes_have_the_untaint_power  or
> > something of that order (silly long shot I know)
> 
> Sounds like a question for perl5-porters.
> 
> > I have to say I'm finding it harder and harder to believe 
> the issue is
> > either with my own code or with the code of any of the CPAN 
> modules I'm
> > using. The suggestions from some people to just turn taint 
> mode off in
> > production make me wonder whether there's been enough real 
> world use of
> > taint mode in mod_perl2 to give it sufficient real world testing.
> 
> Or it could be taint mode + mod_perl2 + your perl version. 
> But that's something
> better asked on p5p.
> 
> -- 
> Michael Peters
> Developer
> Plus Three, LP
> 
> 
------------------------------------------------------------------------
For more information about Barclays Capital, please visit our web site at 
http://www.barcap.com.

Internet communications are not secure and therefore the Barclays Group does 
not accept legal responsibility for the contents of this message.  Although the 
Barclays Group operates anti-virus programmes, it does not accept 
responsibility for any damage whatsoever that is caused by viruses being 
passed.  Any views or opinions presented are solely those of the author and do 
not necessarily represent those of the Barclays Group.  Replies to this email 
may be monitored by the Barclays Group for operational or business reasons.
------------------------------------------------------------------------

Reply via email to