[Rt-devel] FastCGI, SetGIDness and Taint mode
Vivek Khera
vivek at khera.org
Wed Jun 16 12:29:08 EDT 2004
On Jun 16, 2004, at 12:08 PM, Jesse Vincent wrote:
> So, lurking somewhere deep in MIME::Parser, there's a tainting error
> that I can't isolate it. After running for a day or two, my
> development
> RT instances running setgid fastcgi do seem to hit it. The only reason
>
Well, personally, I think that one should *always* run with taint mode
on any program exposed to public humiliation^W user input.
Particularly web sites and things that handle incoming email.
But if you can't track down the error, that makes life quite
difficult... :-(
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2476 bytes
Desc: not available
Url : http://lists.bestpractical.com/pipermail/rt-devel/attachments/20040616/0b1847ac/smime.bin
More information about the Rt-devel
mailing list