Mar 10, 2003, 1:53 AM
Post #1 of 4
is there any safe mode on perl ?
First of all , sorry for my english.
I am a newsbie to perl world (I am a php programmer) and I wish to ask you something about perl security.
I am providing hosting to some users and I noticed that there are some perl programs which permit to emulate an ssh/telnet (sending linux commands) via browser .
For example the "command" function on Gossamer File manager provides the user an ssh/telnet session via web .
Every user using the "command" function on Gossamer file , could use #cat /etc/passwd and then could browse each user
executing #ls /home/user/public_html and so on.., cacthing code and clean passwords between user accounts ....
There are similar programs (command line emulator via browser)
also in php (for example phpmyshell) ...however ,since this kind of programs could create security problems , with php there is the famous "php safe mode" that restrict the usage of "unix command" on a shared enviroments to the user directory .So , running the php safe mode , #cat /etc/passwd or any other linux command out of /home/user will never work .
Well , now my question is ..
Is there anything similar to php_safe_mode on perl ?
How could I be safe from program like Gossamer File manager
on a shared enviroment ?
Thanks a lot