PerlMonks  


There are ways to lock down subdirectories from being served by a web server. Even so, putting the executable for a general-purpose programming language within your document root seems like a terrible idea. Since you're not talking about a PSGI server as part of this scenario and are talking about needing to put things in a particular directory, it seems you're likely using CGI.

Imagine you have CGI enabled within your web root. Now imagine for some reason the subdirectory containing perl within that web root becomes web accessible. The HTTP verb POST sends the request body from the client to the web server, which then runs the executable mapped at the requested URI. The request body is then passed in its entirety to that executable's STDIN. Eve fuzzes and futzes and finds your perl executable. She then POSTs arbitrary code, which then runs. Suddenly your system is a command and control system for a botnet or something even worse.


In reply to Re: Truly Isolated Perl by mr_mischief
in thread Truly Isolated Perl by mikkoi
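
An audit check for the exposure described in the post above, added here as an example and not part of the original thread: it walks a document root and reports executable files, or symlinks to them, that are named like a general-purpose interpreter. The interpreter name list, the function names and the sample directory tree are constructed assumptions.

```python
import os
import stat
import tempfile

# Assumed list of interpreter basenames; extend for your environment.
INTERPRETERS = {"perl", "python", "ruby", "php", "sh", "bash", "node"}

def is_interpreter_name(name):
    # Matches "perl", "perl.exe", "perl5.36.0", "python3.11", ...
    base = name.lower()
    if base.endswith(".exe"):
        base = base[:-4]
    return base in INTERPRETERS or base.rstrip("0123456789.") in INTERPRETERS

def find_exposed_interpreters(docroot):
    """Relative paths under docroot that are executable regular files
    (or symlinks resolving to one) named like an interpreter."""
    findings = []
    for dirpath, _dirs, files in os.walk(docroot, followlinks=False):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)  # follows symlinks to the real file
            except OSError:
                continue  # dangling symlink or unreadable entry
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & 0o111:
                continue  # not something the server could execute
            target = os.path.basename(os.path.realpath(path))
            if is_interpreter_name(name) or is_interpreter_name(target):
                findings.append(os.path.relpath(path, docroot))
    return sorted(findings)

def demo():
    """Audit a constructed docroot (placeholder files, not real binaries)."""
    with tempfile.TemporaryDirectory() as tmp:
        docroot, outside = os.path.join(tmp, "htdocs"), os.path.join(tmp, "opt")
        for d in (os.path.join(docroot, "app", "bin"),
                  os.path.join(docroot, "cgi-bin"), outside):
            os.makedirs(d)
        def put(path, mode):
            with open(path, "wb") as f:
                f.write(b"constructed placeholder")
            os.chmod(path, mode)
        put(os.path.join(docroot, "app", "bin", "perl5.36.0"), 0o755)  # bundled perl
        put(os.path.join(docroot, "cgi-bin", "form.cgi"), 0o755)       # ordinary script
        put(os.path.join(docroot, "perl"), 0o644)                      # no exec bit
        put(os.path.join(outside, "perl"), 0o755)
        os.symlink(os.path.join(outside, "perl"),
                   os.path.join(docroot, "cgi-bin", "run"))            # renamed symlink
        return find_exposed_interpreters(docroot)

if __name__ == "__main__":
    print(demo())
```

Any path it reports should be moved outside the document root, or the directory holding it should be denied in the server configuration and excluded from CGI handling.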
