Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

sqldatasource dal, wwwxxxenden, convert raid5 to raid 10 mdadm, apache force chunked, nrao wwwxxx, xxxxxdup, procmail change subject header, wwwXxx not20, Wwwxxx.doks sas, linux raid resync after reboot

Links

XODOX
Impressum

#1: PerlOptions -Sections not permitted in server config

Posted on 2011-10-04 10:43:44 by Damyan Ivanov

The following bug report arrived at Debian bugtracker
(http://bugs.debian.org/644169). Since I am able to reproduce it with
2.0.5, I am forwarding it here for advice:

(note that I have omitted some parts, as well as the output of mp2bug.
See the above URL for the full details if needed)

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

I'm unable to disable <Perl> sections, as described here:

http://perl.apache.org/docs/2.0/user/config/config.html#C_Pe rl_Handler_

So, according to the documentation, I should be able to simply place
the following in the server configuration.

PerlOption -Sections

When the option is placed in the server configuration, the following
error message is printed to screen when using apache2ctl configtest:

Syntax error on line 10 of /etc/apache2/conf.d/all_vhosts:
Invalid per-server PerlOption: Sections
Action 'configtest' failed.
The Apache error log may have more information.

The apache error log does not have any information.

This option is not allowed in per-directory configurations, and if I
try to do so, Apache provides the following error message (IP address
and path mangled):

[Mon Oct 03 16:11:28 2011] [alert] [client aaa.bbb.ccc.ddd]
/home/dir/.htaccess: Invalid per-directory PerlOption: Sections
(only allowed per-server)

For my use, this bug is a security problem, as it makes it impossible
to include mod_perl code to manage the Apache API in server
configurations without permitting users to run Perl code in the same
server, unless you also disable per-user configuration in .htaccess,
which breaks other useful functionality.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

To reproduce the bug, add "PerlOptions -Sections"' to the global
configuration or to any <VirtualHost> container.

Thanks for any hints!

Report this message