Perl threat

K

knocx

Guest
it is possible to traverse and read whole server files with perl/cgi scripts even using plesk suexec.

i.e one can read /etc/proftpd.conf ..etc you guess the rest!


is there a pre-caution for that? how can perl be hardened on run time (like php safe_mode directive).

or is the only way to disable perl handler in apache
 
You must log in or register to reply here.

Similar threads

M
Question Use SetEnv for Apache additional directives
Replies
5
Views
3K
Sebahat.hadzhi
Sebahat.hadzhi
N
Issue Issues with migration from web host to web admin
Replies
2
Views
2K
nelteren
N
P
Resolved Disable output buffering
Replies
4
Views
6K
Patashoow
P
A
Issue 502 Gateway error with HTTP POST Requests but not GET requests
Replies
3
Views
5K
Maarten
M
D
Question nginx cache "Cache requests with cookies" generates broken regex — all whitelisted cookies cause BYPASS
Replies
4
Views
1K
dima
D
Back
Top