Insecure dependency errors with version 3.0.10 and later

Hello,

I just want to mention that we have some of these errors (three a day) on
the web interface (see below).

They may have to do with some of my mods, but they did not appear before
3.0.10. Did anything change with perl tainted mode with 3.0.10?

Any hint where to dig?

Dirk.

System error
error: Insecure dependency in eval while running with -T switch at
/export/perl-5.8.3/lib/5.8.3/Locale/Maketext/Guts.pm line 247.

context:

243: unshift @code, "use strict; sub {\n";
244: push @code, "}\n";
245:
246: print @code if DEBUG;
247: my $sub = eval(join '', @code);
248: die "$@ while evalling" . join('', @code) if $@; # Should be impossible.
249: return $sub;
250: }
251:

code stack: /export/perl-5.8.3/lib/5.8.3/Locale/Maketext/Guts.pm:247
/export/perl-5.8.3/lib/5.8.3/Locale/Maketext.pm:189
/export/rt3/lib/RT/CurrentUser.pm:365
/export/rt3/lib/RT/Base.pm:97
/export/rt3/lib/RT/Ticket_Overlay.pm:1485
/export/rt3/lib/RT/Ticket_Overlay.pm:581
/export/rt3/lib/RT/Interface/Web.pm:348
/export/rt3/local/html/Ticket/Display.html:73
/export/rt3/local/html/Ticket/Create.html:291
/export/rt3/share/html/autohandler:196

> Hello,
>
> I just want to mention that we have some of these errors (three a day) on
> the web interface (see below).
>
> They may have to do with some of my mods, but they did not appear before
> 3.0.10. Did anything change with perl tainted mode with 3.0.10?

No, but you just told us you switched from mod_perl to FastCGI. This is
known to be an issue with up to 3.0.10 and FastCGI. It should be
better with 3.0.11. (We’re running FastCGI exclusively right now)

Hello,

--On Wednesday, 19 May 2004 14:59 -0400, Jesse Vincent
jesse@bestpractical.com wrote:

> No, but you just told us you switched from mod_perl to FastCGI. This is
> known to be an issue with up to 3.0.10 and FastCGI. It should be
> better with 3.0.11. (We’re running FastCGI exclusively right now)

but I have this with 3.0.11rc3 just these days and I suspect they come from
some local modifications in local/html (I have a web page that adds
current-user as CC-Watcher, and a page that creates tickets with
dependencies (pretasks and posttasks)).

Can you point me to an example (from your corrections for 3.0.11) that
might hint me how to change my pages to work well?

Dirk.

> Hello,
>
> --On Wednesday, 19 May 2004 14:59 -0400, Jesse Vincent
> jesse@bestpractical.com wrote:
>
> > No, but you just told us you switched from mod_perl to FastCGI. This is
> > known to be an issue with up to 3.0.10 and FastCGI. It should be
> > better with 3.0.11. (We’re running FastCGI exclusively right now)
>
> but I have this with 3.0.11rc3 just these days and I suspect they come from
> some local modifications in local/html (I have a web page that adds
> current-user as CC-Watcher, and a page that creates tickets with
> dependencies (pretasks and posttasks)).
>
> Can you point me to an example (from your corrections for 3.0.11) that
> might hint me how to change my pages to work well?

So the change was to add a call to RT::DropSetGIDPermissions in the
fastcgi handler.

Hello

--On Wednesday, 19 May 2004 15:26 -0400, Jesse Vincent
jesse@bestpractical.com wrote:

> So the change was to add a call to RT::DropSetGIDPermissions in the
> fastcgi handler.

hey this is really fast chatting, thanks.

Is this change already present in 3.0.11rc3?

Dirk

> > So the change was to add a call to RT::DropSetGIDPermissions in the
> > fastcgi handler.
>
> hey this is really fast chatting, thanks.

:)

> Is this change already present in 3.0.11rc3?

Yes, which is part of why I’m surprised that you’re still seeing the
Maketext issue. One answer that may be what we need to do longer-term
is switch to using apache suexec rather than a setgid perl script.

Hello Jesse,

--On Wednesday, 19 May 2004 15:32 -0400, Jesse Vincent
jesse@bestpractical.com wrote:

> Yes, which is part of why I’m surprised that you’re still seeing the
> Maketext issue. One answer that may be what we need to do longer-term
> is switch to using apache suexec rather than a setgid perl script.

Ok I just switched back to mod_perl, which is really a loss of performance
and I will have a look if the error vanished.

Dirk
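
The error class reported in this thread, as an added example that is not code from RT, Locale::Maketext or any of the posters: it reproduces "Insecure dependency in eval" under taint mode and shows how to find the tainted string before it reaches a string eval. The helper `compile()`, the sample source string and the allow-list pattern are hypothetical, and the script assumes `PATH` is set in the environment.

```perl
#!/usr/bin/perl -T
# Run as: perl -T taint_demo.pl   (the file name is arbitrary)
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Perl switches taint mode on by itself when the real and effective uid/gid
# differ, which is the situation a setuid or setgid script creates.
my ($rgid) = split ' ', $(;
my ($egid) = split ' ', $);
printf "taint mode: %s, real gid %d, effective gid %d\n",
    (${^TAINT} ? 'on' : 'off'), $rgid, $egid;

# Constructed sample: appending a zero-length slice of tainted data taints
# the whole string, standing in for text that arrived from outside.
my $outside = 'return "Ticket " . $_[0];' . substr($ENV{PATH} // '', 0, 0);

# Hypothetical helper with the same shape as the eval at Guts.pm line 247.
sub compile {
    my @code = @_;
    unshift @code, "use strict; sub {\n";
    push @code, "}\n";
    my $sub = eval(join '', @code);
    die $@ if $@;
    return $sub;
}

# 1. Tainted source text reaches the string eval: Perl refuses to run it.
my $ok = eval { compile($outside); 1 };
print "tainted input:   ", ($ok ? "compiled\n" : "refused: $@");

# 2. The check to drop in while debugging: which value carries the taint?
print "tainted() says:  ", (tainted($outside) ? "tainted\n" : "clean\n");

# 3. Untaint through a strict allow-list capture, then compile.
my ($clean) = $outside =~ /\A(return "[\w ]+" \. \$_\[0\];)\z/
    or die "unexpected source text\n";
my $sub = compile($clean);
print "untainted input: ", $sub->(42), "\n";
```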