[Rt-devel] FastCGI, SetGIDness and Taint mode

Vivek Khera vivek at khera.org
Wed Jun 16 12:29:08 EDT 2004

On Jun 16, 2004, at 12:08 PM, Jesse Vincent wrote:

> So, lurking somewhere deep in MIME::Parser, there's a tainting error
> that I can't isolate it.  After running for a day or two, my 
> development
> RT instances running setgid fastcgi do seem to hit it.  The only reason

Well, personally, I think that one should *always* run with taint mode 
on any program exposed to public humiliation^W  user input.  
Particularly web sites and things that handle incoming email.

But if you can't track down the error, that makes life quite 
difficult... :-(
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2476 bytes
Desc: not available
Url : http://lists.bestpractical.com/pipermail/rt-devel/attachments/20040616/0b1847ac/smime.bin

More information about the Rt-devel mailing list