• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Perl threat

K

knocx

Guest
it is possible to traverse and read whole server files with perl/cgi scripts even using plesk suexec.

i.e one can read /etc/proftpd.conf ..etc you guess the rest!


is there a pre-caution for that? how can perl be hardened on run time (like php safe_mode directive).

or is the only way to disable perl handler in apache
 
You must log in or register to reply here.

Similar threads

P
Resolved Disable output buffering
Replies
4
Views
1K
Patashoow
P
A
Issue 502 Gateway error with HTTP POST Requests but not GET requests
Replies
3
Views
3K
Maarten
M
Hangover2
Resolved Disabled PHP "Hosting performance settings management" can be bypassed by using .user.ini or ini_set()
Replies
19
Views
6K
Hangover2
Hangover2
P
Question Perl handler in 18.0.40
Replies
2
Views
3K
Pat Brown
P
Ehud
Question Is Plesk Email SRS fully configured, or it requires an extension?
Replies
0
Views
2K
Ehud
Ehud
Back
Top