On 3/27/06, Jeff Schroeder <[EMAIL PROTECTED]> wrote: > Greg: > > > Might be wrong, but I think that would also mean you'd need to add > > whatever user apache runs as (I think it's 'nobody' by default) to > > that group, or you won't be able to run perl-based websites. That > > is, if you need that. > > Hmm, good point. And that's the whole root of the issue, because Apache > runs as 'nobody' and that's how the Perl scripts are saved in /tmp. If > Perl can be run by 'nobody', I'm back to square one.
I don't get it. Does apache spawn new perl processes? I thought that mod_perl was part of the apache process. How could someone exec a new perl command on your machine via mod_perl? Doesn't mod_perl prevent (or at least provide a way to secure) exec and eval calls? > Dang. Welcome to Hackville... population me. Ha ha ha. What a great expression ;-). -Bryan /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
