Perl Flags
When your scripts ran under mod_cgi, they started off with the “shebang line”:
#! /usr/local/bin/perl -w -T
Under mod_perl this is no longer necessary.
However, it is tolerated, so you don’t have to
remove it, and the -w flag is even picked up and
invokes warnings. It would be too simple if all the other possible
flags were also recognized, so if you use -T to
invoke taint checking, it won’t work. You have to
use PerlTaintCheck
On,
PerlWarning
On in the Apache
Config file. It is recommended that you always use
PerlTaintCheck to guard against attempts to hack
your scripts by way of dubious entries in HTML forms. It is
recommended that you have PerlWarn on while the
scripts are being developed, but when in production to turn warnings
off since one warning per visitor, written to the log file on a busy
site, can soon use
up all the available disk space and
bring the server to a halt.
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access