No executables in /tmp

[Jayce^]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bryan Sant wrote:
> I don't get it.  Does apache spawn new perl processes?  I thought that
> mod_perl was part of the apache process.  How could someone exec a new
> perl command on your machine via mod_perl?  Doesn't mod_perl prevent
> (or at least provide a way to secure) exec and eval calls?

You're talking here about two different ways to run Perl code.  yes,
mod_perl would have it's own perl inside of it, and not wind up exec-ing
a new one.  However it seems that he is running the old CGI-style method
of running a script.  Then, when running any language, apache will fork
a new process that executes said script.

Slower, less secure, less powerful.  But it's where the dynamic web
started, and a *lot* of places still use it.  Because it's there, and
because it's easy.

- --
Jayce^
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFEKVRyA10/0O8cAHgRAlg4AJoCJsYcuFbm8FVh5kZJS+fN/5zvTQCgovjQ
2c1lRsoAA55kDZiiuqbaLYg=
=6P4k
-----END PGP SIGNATURE-----