in reply to chroot() security in cgi script?

How did your Perl program manage to "hack" the server, exactly? Were you trusting input and then inserting it into paths or queries or whatnot without first running it through a converter? Sounds more like you need to practice untainting. But you could theoretically use a wrapper, like one of the ones mentioned here:
http://www.w3.org/Security/faq/wwwsf4.html (bit more than halfway down the page)

Replies are listed 'Best First'.
Re^2: chroot() security in cgi script?
by ww (Archbishop) on Jan 04, 2012 at 14:38 UTC
    How did your Perl program manage to "hack" the server, exactly?

    Where does iaw4 say Perl is even related to the hack job, except in speculation after the fact?

    Q:   The sky is blue. I thought maybe I should change my socks
    A:   How,, exactly, did changing your socks manage to change the sky color?

[reply]
    A reply falls below the community's threshold of quality. You may see it by logging in.

In Section Seekers of Perl Wisdom