Re: How to unable the use of tainted mode in a CGI script ?
- From: Tim Greer <tim@xxxxxxxxxxxxx>
- Date: Sat, 27 Sep 2008 11:45:27 -0700
Azol wrote:
In article <r59Dk.75755$PK.65320@xxxxxxxxxxxx>, tim@xxxxxxxxxxxxx
says...
Where is your log directory? Are you looking for the error log in
the
log directory for the web server? A lot of hosts have individual
directories for user's domain logs, or one central location, while
the actual error logs are usually still located in the standard log
location for the web service (wherever that might be, depending on
their configuration and type of service). Ask your host if you're
unsure.
OK, not any error.log in my account... I ask the support about this.
Thanks for your advice, Tim.
By the way, that access log alone showed a 200 response, rather than
a 500 response, so it made it appear as though, from the access log
standpoint anyway, that it's working (this is why you need to locate
and show the associated log entry from the error log, when you test
the
script and have it fail). Did you ask your host to clarify how/why
Taint isn't working?
Here is the reply from the hoster's support (in French) :
"Nous vous informons qu'il ne sera pas possible d'utiliser cette
fonction sur de l'hébergement mutualisé. Vous devez pour cela vous
tourner vers les offres de serveurs privés, ou l'accès Root vous
permettra d'installer ce type de script."
In English, it's something like :
"We inform you that it will be not possible to use this function in a
mutualised hosting. You must go to the private or dedicated servers
offers, where the root access will alow you this kind of script"
oops :(
That is unfortunate, and wrong. I suggest you start looking for a
hosting provider that has a better idea of how this works. After all,
it's only to their advantage (and yours), to offer features that catch
a lot of potential mistakes in user's codes (that can ultimately save
their clients (and them) a lot of headaches about abuse reports). For
example, if some client has their script exploited, because the host
didn't allow their users to add some common and simple checks to
alert/warn or error when there's a significant goof in the code is
seen. Strange. I'd convey those concerns to them, if nothing else.
--
Tim Greer, CEO/Founder/CTO, BurlyHost.com, Inc.
Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers
and Custom Hosting. 24/7 support, 30 day guarantee, secure servers.
Industry's most experienced staff! -- Web Hosting With Muscle!
.
- Follow-Ups:
- References:
- How to unable the use of tainted mode in a CGI script ?
- From: Azol
- Re: How to unable the use of tainted mode in a CGI script ?
- From: Peter Scott
- Re: How to unable the use of tainted mode in a CGI script ?
- From: Azol
- Re: How to unable the use of tainted mode in a CGI script ?
- From: Sherm Pendley
- Re: How to unable the use of tainted mode in a CGI script ?
- From: Azol
- Re: How to unable the use of tainted mode in a CGI script ?
- From: Peter Makholm
- Re: How to unable the use of tainted mode in a CGI script ?
- From: Azol
- Re: How to unable the use of tainted mode in a CGI script ?
- From: Tim Greer
- Re: How to unable the use of tainted mode in a CGI script ?
- From: Azol
- How to unable the use of tainted mode in a CGI script ?
- Prev by Date: Re: $current_path=`echo $cwd` does not work
- Next by Date: Re: What does m@ stand for in the following regular expression.
- Previous by thread: Re: How to unable the use of tainted mode in a CGI script ?
- Next by thread: Re: How to unable the use of tainted mode in a CGI script ?
- Index(es):
Relevant Pages
|
