Embperl - building dynamic websites with Perl


Security
[ << Prev: Database access ] [ Content ] [ Next: Escaping/Unescaping >> ]

When running under mod_perl, all Perl code shares the same interpreter. This means that every application can access data from every other application. Embperl maintains a separate namespace for every document, which is enough to avoid accidentally overwriting other applications data, but there is no real security. You can access any data from any other application that runs on the same server process under mod_perl if you explicitly specify a package name. This is not a problem of Embperl itself, but caused by the design of Apache and mod_perl.


[ << Prev: Database access ] [ Content ] [ Next: Escaping/Unescaping >> ]


© 1997-2023 Gerald Richter / actevy