ServersISAPI Perl Security Page 7

ISAPI Perl Security Page 7

ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

One last thing: It is unfortunate, but ISAPI Perl installs by default in a manner that is not as secure as it could be. Specifically, a feature of Perl known as taint mode places Perl on a constant and vigilant alert to hacking attempts. More information on taintmode can also be found at the
Taint Mode FAQ

ISAPI Perl installs without this feature enabled. If you wish to enable this feature, you must go into the Web Server Config section of the ActiveState Perl documentation discussed earlier and place a “-T” in between the “perl.exe”
and “%s %s” command-line parameters.

The “-T” flag tells Perl to run in taint mode. We should note, however, that many Perl scripts are, unfortunately, not written with taint mode in mind, so adding this
flag may break existing scripts! Be sure to test thoroughly if you do choose to set this flag.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends & analysis

Latest Posts

Related Stories