Bug#521584: perl-suid: -U no longer behaves as expected to allow insecure operations
Adam Kessel
ajkessel at debian.org
Sun Mar 29 20:50:35 UTC 2009
Niko Tyni wrote, on 3/29/2009 2:50 PM:
> Are you sure these really are fatal errors with -U? See below.
The problem seems to be only when the script is called from apache
(2.2), so I wonder if that is the problem. When I run it from the shell,
it behaves as expected. When it is called via CGI, it dies where you
would expect just a warning.
Is this perhaps a bug in apache2.2, or alternatively just a difference
in how perl scripts are handled in apache2.2?
> Please provide a test script that shows the problem.
The script is just a standard blosxom installation, other than being set
setuid.
Adam
More information about the Perl-maintainers
mailing list