Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

nrao wwwxxx, xxxxxdup, procmail change subject header, wwwXxx not20, Wwwxxx.doks sas, linux raid resync after reboot, bind-address mysql multiple, sanibleone xxxx, ftp://192.168.100.100/, www.xxxcon

Links

XODOX
Impressum

#1: PerlOptions -Sections not permitted in server config

Posted on 2011-10-04 10:43:44 by Damyan Ivanov

The following bug report arrived at Debian bugtracker
(http://bugs.debian.org/644169). Since I am able to reproduce it with
2.0.5, I am forwarding it here for advice:

(note that I have omitted some parts, as well as the output of mp2bug.
See the above URL for the full details if needed)

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

I'm unable to disable <Perl> sections, as described here:

http://perl.apache.org/docs/2.0/user/config/config.html#C_Pe rl_Handler_

So, according to the documentation, I should be able to simply place
the following in the server configuration.

PerlOption -Sections

When the option is placed in the server configuration, the following
error message is printed to screen when using apache2ctl configtest:

Syntax error on line 10 of /etc/apache2/conf.d/all_vhosts:
Invalid per-server PerlOption: Sections
Action 'configtest' failed.
The Apache error log may have more information.

The apache error log does not have any information.

This option is not allowed in per-directory configurations, and if I
try to do so, Apache provides the following error message (IP address
and path mangled):

[Mon Oct 03 16:11:28 2011] [alert] [client aaa.bbb.ccc.ddd]
/home/dir/.htaccess: Invalid per-directory PerlOption: Sections
(only allowed per-server)

For my use, this bug is a security problem, as it makes it impossible
to include mod_perl code to manage the Apache API in server
configurations without permitting users to run Perl code in the same
server, unless you also disable per-user configuration in .htaccess,
which breaks other useful functionality.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

To reproduce the bug, add "PerlOptions -Sections"' to the global
configuration or to any <VirtualHost> container.

Thanks for any hints!

Report this message