Re: mod_perl 1.0 and 2.0
I think it should be based on your specific requirements. If you want to setup a production box and does not have much time in hand to troubleshoot, then you must go for mod_perl 1.x/Apache-1.x latest stable versions. However, if you have time in hand & want to learn a bit about Apache/mod_perl, then 2.x would be better. For any slightly large project, you're likely to face problems & it's fun to debug as you'd get to know the code better. I'd also think mod_perl 1.x series may be discontinued after a while, as 2.x gets to be used widely (however, it may be a while). I have been trying to move a large application from mod_perl 1.x to 2.x. There had been many hiccups now & then and I had to install latest of version of all components in my tech stack (perl 5.8.0, latest CGI/DBI/DBD ...etc.) and had to tweak my configurations. I found few issues in the process and I've reported them here. From my experience, it's a bit long journey, but quite interesting. Sreeji --- Jamie Krasnoo <[EMAIL PROTECTED]> wrote: > Hi all, > > I'm currently working on a personal project to get > myself back in > mod_perl programming order. However I'm more used to > using mod_perl 1.0 > with Apache 1.3.x. I'm going through the > documentation for mod_perl 2.0 > but I'm worried that most of the modules I need > won't work with mod_perl > 2.0. I've been looking for what modules will and > will not work with 2.0 > (like Apache::DBI for pooling connections with > MySQL). Would it be a > better benefit to me to switch over to 2.0? > > Thanks, > > Jamie > Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://uk.messenger.yahoo.com/
Re: untainting PATH in mod_perl
On Wed, Jul 09, 2003 at 05:40:32PM +0200, Dominique Quatravaux wrote: > > In plain CGI, I normally do this inside a BEGIN > > block; in mod_perl however, this doesn't work. > > This would work if this was done in a section of the httpd.conf > file (this is what I do). I am not sure why the BEGIN block is not > executed, but my guess is that the environment gets automatically > restored at the end of every script run under Apache::Registry, > including the tainted PATH. > I need some help with this. Can you share the code you use w/in your section? I'm pretty confused because I was able to untaint my PATH var. by putting $ENV{PATH} = '/bin'; in the ***same scope*** where I was getting the error. For example $ENV{PATH} = '/bin'; my @files = `/bin/ls $path`; # $path is already untainted was OK; leave out the $ENV line and I get an Insecure $ENV{PATH} error. This works (don't know why) but I would prefer to fix the PATH in one place rather than having to do so everywhere I shell out or use backticks. Thanks, P -- ^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^ Peter B. Ensch ([EMAIL PROTECTED]) Linux 2.4.20-4GB 8:21pm Up 18 days 2:55 ^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
mod_perl 1.0 and 2.0
Hi all, I’m currently working on a personal project to get myself back in mod_perl programming order. However I’m more used to using mod_perl 1.0 with Apache 1.3.x. I’m going through the documentation for mod_perl 2.0 but I’m worried that most of the modules I need won’t work with mod_perl 2.0. I’ve been looking for what modules will and will not work with 2.0 (like Apache::DBI for pooling connections with MySQL). Would it be a better benefit to me to switch over to 2.0? Thanks, Jamie
Apache 2.1 Authentication Providers in Perl
hi all... buried within perl.com this week is my latest article http://www.perl.com/pub/a/2003/07/08/mod_perl.html which covers how to use Apache 2.1 authentication from Perl. one of the biggest benefits of Apache 2.1 auth over Apache 2.0 (or even 1.3) is the ease at which it opens up Digest auth, so if that is of interest to you then you really should check out the 2.1 Apache branch. the Apache::AuthenHook module the article discusses is on CPAN http://search.cpan.org/author/GEOFF/Apache-AuthenHook-2.00_01/ enjoy. --Geoff
Re: untainting PATH in mod_perl
> In plain CGI, I normally do this inside a BEGIN > block; in mod_perl however, this doesn't work. This would work if this was done in a section of the httpd.conf file (this is what I do). I am not sure why the BEGIN block is not executed, but my guess is that the environment gets automatically restored at the end of every script run under Apache::Registry, including the tainted PATH. -- Dominique QUATRAVAUX Ingénieur senior 01 44 42 00 08 IDEALX
untainting PATH in mod_perl
perlsec says that to untaint the PATH env one should do: $ENV{'PATH'} = '/bin:/usr/bin'; delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; In plain CGI, I normally do this inside a BEGIN block; in mod_perl however, this doesn't work. A print of $ENV{PATH} returns the original tainted PATH. In my script I'm doing something like foreach(`/bin/ls $path`) { } $path is already untainted but I'm still getting an 'Insecure $ENV{PATH}' error. What am I missing here? Thanks, P -- ^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^ Peter Ensch, [EMAIL PROTECTED] A-1140 (214) 480 2333 ^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
Re: --help
On Wed, 9 Jul 2003, Alexander Prihodko wrote: > --help Usage: [EMAIL PROTECTED] [-s topic] PROBLEM [DETAILS] Describe a PROBLEM, giving DETAILS, so that the members of the list can try to assist you. Example: Date: Wed, 01 Jan 1970 00:00:00 + From: D Ritchie <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: won't build on new lab system Your ^*$*&$ software won't compile on this PDP-11. I keep getting the error "cowardly refusing to create an empty archive". What is *that* supposed to mean? Here's the full error dump: And here's the software & hardware I'm running: Options: -p --post: [EMAIL PROTECTED] -S --subscribe : [EMAIL PROTECTED] -u --unsubscribe : [EMAIL PROTECTED] -h --help: [EMAIL PROTECTED] Please, try again :) -- Chris Devers [EMAIL PROTECTED] http://devers.homeip.net:8080/ reusability, n. A marketing priority overriding that of usability. See also OBJECT ORIENTEETING. -- from _The Computer Contradictionary_, Stan Kelly-Bootle, 1995
--help
--help
[MP2 - BUG ?] Issue handing Apache config. error messages
Following demonstrates the problem: $ cat /tmp/test.conf @Include = "/tmp/test1.conf"; Listen 43499 $ cat /tmp/test1.conf $Port = 42480; $ httpd -X -f /tmp/test.conf Syntax error on line 7 of /tmp/test.conf: Use of uninitialized value in subroutine entry at /tmp/CVS/virgin/modperl-2.0/blib/lib/Apache2/Apache/PerlSection.pm line 171. - I've confirmed that ap_walk_config() in modperl_config_insert() indeed returns a valid error message and this gets propogated to post_config() in PerlSection.pm & a dir $errmsg happens. I guess this has something to do with the double eval() happening. ie. one for Include, and then recursively for Port. I'll debug it further; but it'd be nice if some1 already knows the issue and has a solution ! thx Sreeji Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://uk.messenger.yahoo.com/