Hi Michael, Thanks for your response. Yes, I haven't ruled out the fact their being a problem with my perl version (5.8.6) itself, I was just weary of going to p5p too early, I know many people hate cross posts. Perhaps I can point a link to this thread in archive and ask the perl specific questions there.
I'm hoping tho that if I can create a small test case under mod_perl then that opens up myself/someone-on-the-list trying it with other combinations of perl & mod_perl. Thanks for giving me the push of courage I probably need to approach the p5p team. Sagar > -----Original Message----- > From: Michael Peters [mailto:[EMAIL PROTECTED] > Sent: 29 March 2007 18:44 > To: Shah, Sagar: IT (LDN) > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; modperl@perl.apache.org > Subject: Re: "Insecure dependency in eval while running setgid" error > > [EMAIL PROTECTED] wrote: > > > Are there any other cases? How does perl handle the special > case above, > > is there some magical variable > $let_regexes_have_the_untaint_power or > > something of that order (silly long shot I know) > > Sounds like a question for perl5-porters. > > > I have to say I'm finding it harder and harder to believe > the issue is > > either with my own code or with the code of any of the CPAN > modules I'm > > using. The suggestions from some people to just turn taint > mode off in > > production make me wonder whether there's been enough real > world use of > > taint mode in mod_perl2 to give it sufficient real world testing. > > Or it could be taint mode + mod_perl2 + your perl version. > But that's something > better asked on p5p. > > -- > Michael Peters > Developer > Plus Three, LP > > ------------------------------------------------------------------------ For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. ------------------------------------------------------------------------
