No executables in /tmp
jason at infogenix.com
Tue Mar 28 08:21:22 MST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Bryan Sant wrote:
> I don't get it. Does apache spawn new perl processes? I thought that
> mod_perl was part of the apache process. How could someone exec a new
> perl command on your machine via mod_perl? Doesn't mod_perl prevent
> (or at least provide a way to secure) exec and eval calls?
You're talking here about two different ways to run Perl code. yes,
mod_perl would have it's own perl inside of it, and not wind up exec-ing
a new one. However it seems that he is running the old CGI-style method
of running a script. Then, when running any language, apache will fork
a new process that executes said script.
Slower, less secure, less powerful. But it's where the dynamic web
started, and a *lot* of places still use it. Because it's there, and
because it's easy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
-----END PGP SIGNATURE-----
More information about the PLUG