You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@perl.apache.org by "Philippe M. Chiasson" <go...@ectoplasm.org> on 2004/08/17 22:03:26 UTC

[Patch mp2] Apache::Module remove 2 dangerous methods

remove_module() and remove_loaded_module() are currently exposed thru Apache::Module
and I am wondering if that is a good idea. Those methods allow the removing of arbitrary
httpd modules.  The functions add_module() and add_loaded_module() are already not available,
so unless we keep all four, I think all four should not be available.

Thoughts ?
-- 
--------------------------------------------------------------------------------
Philippe M. Chiasson m/gozer\@(apache|cpan|ectoplasm)\.org/ GPG KeyID : 88C3A5A5
http://gozer.ectoplasm.org/     F9BF E0C2 480E 7680 1AE5 3631 CB32 A107 88C3A5A5

Re: [Patch mp2] Apache::Module remove 2 dangerous methods

Posted by "Philippe M. Chiasson" <go...@ectoplasm.org>.


Stas Bekman wrote:
> Philippe M. Chiasson wrote:
> 
>>remove_module() and remove_loaded_module() are currently exposed thru 
>>Apache::Module
>>and I am wondering if that is a good idea. Those methods allow the 
>>removing of arbitrary
>>httpd modules.  The functions add_module() and add_loaded_module() are 
>>already not available,
>>so unless we keep all four, I think all four should not be available.
>>
>>Thoughts ?
> 
> 
> +1

Gone!

-- 
--------------------------------------------------------------------------------
Philippe M. Chiasson m/gozer\@(apache|cpan|ectoplasm)\.org/ GPG KeyID : 88C3A5A5
http://gozer.ectoplasm.org/     F9BF E0C2 480E 7680 1AE5 3631 CB32 A107 88C3A5A5

Re: [Patch mp2] Apache::Module remove 2 dangerous methods

Posted by Stas Bekman <st...@stason.org>.

Philippe M. Chiasson wrote:
> remove_module() and remove_loaded_module() are currently exposed thru 
> Apache::Module
> and I am wondering if that is a good idea. Those methods allow the 
> removing of arbitrary
> httpd modules.  The functions add_module() and add_loaded_module() are 
> already not available,
> so unless we keep all four, I think all four should not be available.
> 
> Thoughts ?

+1

-- 
__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org