Perl in shared hosting environments

Tomas Doran bobtfish at
Wed Sep 21 08:28:38 BST 2011

On 21 Sep 2011, at 07:51, lesleyb wrote:
> The end effect is to prepend the directories in @INC with the  
> directory
> $b__dir, which may or may not be the user's home directory, pushing  
> two new
> ones on the front of @INC and including the original @INC as the  
> last set of
> directories to be searched for modules etc.
> I'm just left wondering how far one could exploit this?  I'm  
> guessing mod_perl
> would still be out of the question. And probably mod_fcgi.

No, also no?

Taking fastcgi first - fastcgi just runs a perl script, so there is  
nothing stopping the first line of your script being BEGIN  
{ push(@INC....

And as each fastcgi app has it's own perl interpreter and etc, then  
this technique works well..

mod_perl is a less simple case, as often (although not necessarily)  
the perl interpreter is shared by the entire apache instance, ergo you  
can only have one version of each module loaded.

Nothing in this stops the technique from working in mod-perl per-se,  
however it's likely that perl modules will have been pre-loaded before  
your code is ever called, or alternatively if you override module  
loading and load newer versions of things and some other site is  
relying on the (older) system versions of a module, then you could  
wreck things for them.

> So someone using such a script would still be restricted to CGI but  
> able to
> install modules they wish to use?

See local::lib for a less gross (or at least more standard) solution?


More information about the mailing list