HTML::Template - HTML_TEMPLATE_ROOT

MidLifeXis has asked for the wisdom of the Perl Monks concerning the following question:

Update:I think that I may have tried to generalize my original post too much, when I should have focused it explicitly on just HTML_TEMPLATE_ROOT. Please read this in the context of H::T and the HTML_TEMPLATE_ROOT variable.

I am running into a methodology question:

Do I set my search paths from the environment
Do I point to a configuration file where I set up my environment

In particular, HT's HTML_TEMPLATE_ROOT variable only allows a single path. If you have a set of paths that you wish to search, you need to make sure to put the paths into the ->new() call for the template.

This may not always be possible or desireable.

Take, for example, a scenerio where you tie parts of a system together with environment variables. You pick multiple paths for certain versions of libraries, PERL5LIB for the same, and you also want to pick some templates from a set of choices. I can create a configuration file and point to that, but now my configuration is in two locations, the shell script script starting the whole thing (both perl and non-perl parts) and the second configuration file.

Additionally, if I require my HTML::Template->new call to include the path attribute, I now need to make sure that every call to ->new, including those that I do not have control over, allow me to tweak the include path.

On the down side, there may be a performance penalty if the search path on new is combined with a multi-path HTML_TEMPLATE_PATH environment variable.

There is also the potential for security issues if someone else can tweak your environment. But if that is the case, then PATH is also suspect.

Any thoughts on this? I am leaning heavily toward patching HT (and submitting it, of course), but am not sure if there are other implications.

--MidLifeXis

Comment on HTML::Template - HTML_TEMPLATE_ROOT - multiple paths? Select or Download Code

Replies are listed 'Best First'.
Re: HTML::Template - HTML_TEMPLATE_ROOT - multiple paths? by freakingwildchild (Scribe) on May 01, 2007 at 21:44 UTC
Security wise; I would never set paths from the environment because it opens an entire other box of security problems. You will have to doublecheck your code which parameters to accept/deny even more than before because your path will be chosen automatically by your program which can give quite strange results if the parameters given by the end-user are malicious ... You could alternatively pre-define a few paths in an array or if you are -really- sure your paths won't be exploited in one or another way (to parse files which should not parsed like /etc/passwd etc..); by setting only the paths that are deemed neccesary for your program to run. Still I think you better do this with a very small piece of (init) code instead of doing this automatically because then you know for sure which you have control over; while if-automatically you will loose that fine grain of control if you forget that one check. Another way is chroot or a "sandbox"; where you check first if the path is part of the "sandbox" and if so; get the template, if not; deny. Like /home/users/templates/wildchild and /home/users/templates/midlifexs could have as root /home/users/templates ; this would limit any security hell to that one path /home/users/templates and not /home/users/* or others (if coded appropriate) ...	[reply]
Re^2: HTML::Template - HTML_TEMPLATE_ROOT - multiple paths? by MidLifeXis (Monsignor) on May 02, 2007 at 14:27 UTC
While I understand (and agree with) the security implications in general, what are the added implications of making the variable that already exists accept multiple paths instead of just a single path. H::T currently looks in the single path pointed to by HTML_TEMPLATE_ROOT. I am having a hard time seeing how multiple paths (ala PATH, MANPATH, PERL5LIB, etc) in an already existing single-path variable is more of a security risk. At worst I can see a performance hit. I think that I may have tried to generalize my original post too much, when I should have focused it explicitly on just HTML_TEMPLATE_ROOT. --MidLifeXis	[reply]
Re^3: HTML::Template - HTML_TEMPLATE_ROOT - multiple paths? by freakingwildchild (Scribe) on May 02, 2007 at 15:34 UTC
There should not be added implications if everything is checked and filtered well enough and if you got a complete separate system variable reserved for it. Performance can be easy tuned if you put your main templates in the first directory in your path and work downwards like that.	[reply]
Re: HTML::Template - HTML_TEMPLATE_ROOT - multiple paths? by scorpio17 (Canon) on May 02, 2007 at 15:00 UTC
You might consider using Config::Simple or Config::Auto. I've found these to be very useful. For example, I'll put all my path info (for things like templates used by HTML::Template), Database settings (table names, username, password), etc. into a config file in the same directory as the script. There are really two config files: one for development (dev-config.ini) and one for production (prod-config.ini). The script reads a file called config.ini, but this is really a symbolic link. On the production machine config.ini points to prod-config.ini and on the development machine it points to dev-config.ini. You could accomplish the same thing using environment variables, but this seems to work better for me.	[reply]