[Rt-devel] FastCGI, SetGIDness and Taint mode

Jesse Vincent jesse at bestpractical.com
Wed Jun 16 12:08:00 EDT 2004


So, lurking somewhere deep in MIME::Parser, there's a tainting error
that I can't isolate it.  After running for a day or two, my development
RT instances running setgid fastcgi do seem to hit it.  The only reason
we're running in taint mode in the first place is because the fastcgi
handler is setgid so that it can read the RT configuration file.  

In this day and age, there are better solutions for allowing the RT
handler to be executed as the RT user.  I'm strongly considering 
making the fastcgi handler a normal perl script and recommending that
folks use apache SuExec or equivalent.  Anyone have a good reason that
the current setup works better?

-- 


More information about the Rt-devel mailing list