From: Jeff Allen <jra@corp.webtv.net>
jdkirby@bluebunny.com wrote:
> I get the this in my Apache error_log:
>
> Insecure dependency in glob while running setuid at
> /home/cricket/public_html/./lib/ConfigTree.pm line 204.
That's happening because your webserver is configured to run CGI
scripts under taintperl. Cricket is not designed or tested to run with
Perl's tainting feature turned on. I can think of ways to solve that
particular error, but you'll undoubtedly discover others, and I'm not
really interested in trying to solve them all, right now, right here.
A better solution would be to find a way to run it where it does not
need to be so paranoid. We run ours as user "nobody" -- if you can do
that, then you can feel pretty safe turning off the tainting feature.
-- Jeff R. Allen | jra@corp.webtv.net (work) WebTV Networks, Inc. | jeff.allen@acm.org (personal) Service Operations Toolsmith | http://www.munitions.com/~jra------------------------------------------------------------------------ Wanting to get back in touch with old friends? http://www.onelist.com Reunite through a ONElist community.
This archive was generated by hypermail 2b29 : Mon Mar 06 2000 - 19:00:48 PST