You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl-cvs@perl.apache.org by fd...@hyperreal.org on 1998/09/03 23:12:29 UTC

cvs commit: modperl/faq mod_perl_faq.pod

fdc         98/09/03 14:12:29

  Modified:    faq      mod_perl_faq.pod
  Log:
  Added suggestion from Stephane Payrard.
  
  Revision  Changes    Path
  1.9       +6 -1      modperl/faq/mod_perl_faq.pod
  
  Index: mod_perl_faq.pod
  ===================================================================
  RCS file: /export/home/cvs/modperl/faq/mod_perl_faq.pod,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- mod_perl_faq.pod	1998/07/01 23:16:23	1.8
  +++ mod_perl_faq.pod	1998/09/03 21:12:29	1.9
  @@ -1,6 +1,6 @@
   =head1 NAME
   
  -Mod_perl_faq - frequently asked questions about mod_perl ($Date: 1998/07/01 23:16:23 $)
  +Mod_perl_faq - frequently asked questions about mod_perl ($Date: 1998/09/03 21:12:29 $)
   
   =head1 DESCRIPTION
   
  @@ -113,6 +113,11 @@
   to world readable files.  Even so, careless scripts can give away
   information.  You would not want your /etc/passwd file to be readable over
   the net, for instance.
  +
  +Different mod_perl scripts run successively using the same Perl
  +interpreter instance. So, in addition to classical CGI mischiefs, a
  +malicious mod_perl script can redefine any Perl object and change the
  +behavior of other mod_perl scripts.
   
   If you turn on tainting checks, perl can help you to avoid the pitfalls of
   using data received from the net.  Setting the C<-T> switch on the first line