SPUG: Installing Crypt, not su

Jason Lamport jason at strangelight.com
Tue Dec 19 13:05:15 CST 2000

At 11:46 PM -0800 12/18/00, Matt Tucker wrote:
>All this stuff could either go in cgi-bin or in 
>/home/a/myAccount/lib, depending on how you want things set up. Just 
>be sure to use the proper 'use lib' directive (if it's not the same 
>directory that contains the script), and provide the correct 

It's a good idea to use lib even if the library is in the same 
directory as your script, and to remove '.' from the search path (I 
think running perl with the -T option does this automatically?), 
since you can't be certain what the current directory will be when 
your script is run, *especially* if it's a cgi.

(Although nearly all web servers set the current directory of cgi's 
to the directory containing the script, this is *not* a requirement 
of the cgi standard.  Also, a favorite method of hackers is to trick 
world-executable script into loading malicious code by setting the 
working directory to something unexpected.)


 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
     POST TO: spug-list at pm.org       PROBLEMS: owner-spug-list at pm.org
      Subscriptions; Email to majordomo at pm.org:  ACTION  LIST  EMAIL
  Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
 For daily traffic, use spug-list for LIST ;  for weekly, spug-list-digest
  Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/

More information about the spug-list mailing list