Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-23 Thread Alex Solovey
On 3/23/07, Geoffrey Young <[EMAIL PROTECTED]> wrote:
> as for mp2, nothing in the current distribution is affected - ModPerl::Registry and ModPerl::PerlRun are both filesystem based and not uri based. however, if you use RegistryCooker to roll your own non-standard Registry handler and are using

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-23 Thread Geoffrey Young
> I was able to reproduce this in mp1.
>
> for the interested, a fix has been put in place in svn for mod_perl 1.0,
> which you can grab from here:
>
> https://svn.apache.org/repos/asf/perl/modperl/branches/1.x/
>
> furthermore, as michael pointed out, the problem is isolated to
> Apache::Per

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-23 Thread Geoffrey Young
Kjetil Kjernsmo wrote:
> On Friday 23 March 2007 14:57, Geoffrey Young wrote:
>
>> fwiw, I am unable to reproduce this in either mp1 or mp2 using what I
>> consider a basic setup.
>
>
> I have also failed to reproduce the problem on 2.0.3 with my setup.
> Also, we are very liberal on what kind of

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-23 Thread Kjetil Kjernsmo
On Friday 23 March 2007 14:57, Geoffrey Young wrote:
> fwiw, I am unable to reproduce this in either mp1 or mp2 using what I
> consider a basic setup.

I have also failed to reproduce the problem on 2.0.3 with my setup. Also, we are very liberal on what kind of usernames, and thus what special ch

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-23 Thread Geoffrey Young
Michael Peters wrote:
> Randal L. Schwartz wrote:
>
>>> "Alex" == Alex Solovey <[EMAIL PROTECTED]> writes:
>>
>> Alex> The problem is due to unescaped variable interpolation in regular
>> Alex> expression $uri =~ /$path_info$/ in sub namespace_from:
>>
>> I don't want to raise too many alarms, but

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-23 Thread Michael Peters
Randal L. Schwartz wrote:
>> "Alex" == Alex Solovey <[EMAIL PROTECTED]> writes:
>
> Alex> The problem is due to unescaped variable interpolation in regular
> Alex> expression $uri =~ /$path_info$/ in sub namespace_from:
>
> I don't want to raise too many alarms, but this means that every MP1

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-23 Thread Geoffrey Young
Randal L. Schwartz wrote:
>> "Randal" == Randal L Schwartz writes:
>
>
>> "Alex" == Alex Solovey <[EMAIL PROTECTED]> writes:
>
> Alex> The problem is due to unescaped variable interpolation in regular
> Alex> expression $uri =~ /$path_info$/ in sub namespace_from:
>
> Randal> I don't wan

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-22 Thread Fred Moyer
Philip M. Gollucci wrote:
> Perrin Harkins wrote:
>> On 3/22/07, Andy Armstrong <[EMAIL PROTECTED]> wrote:
>>> $path_info = quotemeta $path_info;
>>> my $script_name = $path_info && $self->{URI} =~ /$path_info$/
>>
>> You can in-line that to avoid clobbering the original:
>>
>> my $script_name = $path_inf

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-22 Thread Philip M. Gollucci
Perrin Harkins wrote:
> On 3/22/07, Andy Armstrong <[EMAIL PROTECTED]> wrote:
>> $path_info = quotemeta $path_info;
>> my $script_name = $path_info && $self->{URI} =~ /$path_info$/
>
> You can in-line that to avoid clobbering the original:
>
> my $script_name = $path_info && $self->{URI} =~ /\Q$pa

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-22 Thread Perrin Harkins
On 3/22/07, Andy Armstrong <[EMAIL PROTECTED]> wrote:
> $path_info = quotemeta $path_info;
> my $script_name = $path_info && $self->{URI} =~ /$path_info$/

You can in-line that to avoid clobbering the original:

my $script_name = $path_info && $self->{URI} =~ /\Q$path_info\E$/

- Perrin

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-22 Thread Andy Armstrong
On 23 Mar 2007, at 03:49, Fred Moyer wrote:
> Ok, help me out here Merlyn. Will this fix it? I assume it needs to be quoted like this:
>
> $path_info = quotemeta $path_info;
> my $script_name = $path_info && $self->{URI} =~ /$path_info$/
>
> [EMAIL PROTECTED] ~/dev/modperl/mod_perl-2.0 $ sv

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-22 Thread Fred Moyer
Randal L. Schwartz wrote:
> "Randal" == Randal L Schwartz writes:
>
> "Alex" == Alex Solovey <[EMAIL PROTECTED]> writes:
>
> Alex> The problem is due to unescaped variable interpolation in regular
> Alex> expression $uri =~ /$path_info$/ in sub namespace_from:
>
> Randal> I don't want to raise too many ala

Re: MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-22 Thread Randal L. Schwartz
> "Randal" == Randal L Schwartz writes:
> "Alex" == Alex Solovey <[EMAIL PROTECTED]> writes:

Alex> The problem is due to unescaped variable interpolation in regular
Alex> expression $uri =~ /$path_info$/ in sub namespace_from:

Randal> I don't want to raise too many alarms, but this means

MP1 Security issue (was Re: [mp1] PerlRun fails if path_info contains special symbols)

2007-03-22 Thread Randal L. Schwartz
> "Alex" == Alex Solovey <[EMAIL PROTECTED]> writes:

Alex> The problem is due to unescaped variable interpolation in regular
Alex> expression $uri =~ /$path_info$/ in sub namespace_from:

I don't want to raise too many alarms, but this means that every MP1 server has a denial-of-service attack

Re: [mp1] PerlRun fails if path_info contains special symbols

2007-03-22 Thread Perrin Harkins
On 3/22/07, Alex Solovey <[EMAIL PROTECTED]> wrote:
> The problem is due to unescaped variable interpolation in regular expression $uri =~ /$path_info$/ in sub namespace_from

Would you be willing to try your hand at a patch?

- Perrin