Perl in shared hosting environments

'lesleyb' lesleyb at
Wed Sep 21 07:51:38 BST 2011


I came across this script on the MT forums

my  $b__dir = (-d '/home4/myhome/perl'? \
                 ( getpwuid($>) )[7].'/perl');

unshift @INC,$b__dir.'5/lib/perl5', $b__dir.'5/lib/perl5/x86_64-linux-thread-multi', map { $b__dir . $_ } @INC;

from someone using shared hosting.

The end effect is to prepend the directories in @INC with the directory
$b__dir, which may or may not be the user's home directory, pushing two new
ones on the front of @INC and including the original @INC as the last set of
directories to be searched for modules etc.

I'm just left wondering how far one could exploit this?  I'm guessing mod_perl
would still be out of the question. And probably mod_fcgi.

So someone using such a script would still be restricted to CGI but able to
install modules they wish to use?



More information about the mailing list