[ic] GlobalSub can't use modules

Honest to Goodness interchange-users@interchange.redhat.com
Tue Apr 2 15:54:01 2002


On Tue, 2002-04-02 at 14:52, Kevin Walsh wrote:
> > 
> > How can I get around Safe so that I can use modules in my GlobalSub?
> > 
> 
> >From the Tags Reference:
> ----------------------------------------------------------------------
> 4.52.2.4. subs
> If you have set the AllowGlobal catalog directive, setting subs=1 will
> enable you to call GlobalSub routines within the enclosed perl code.
> Note that this can compromise security.
> 
> 4.52.2.5. global
> If you have set the AllowGlobal catalog directive, setting global=1
> will turn off Safe protection within the tag.
> 
> The code within the tag will then be able to do anything the user ID
> running Interchange can. This seriously compromises security, and you
> should know what you are doing before using it in a public site.
> It is especially dangerous if a single Interchange server is shared
> by multiple companies or user IDs.
> 
> Also, full 'use strict' checking is turned on by default when in
> global mode. You can turn it off by using 'no strict;' within your
> code. Note that any strict errors will go to the Interchange error
> logs, and the tag itself will fail silently within the page.
> ----------------------------------------------------------------------


>I call them from my [ic] pages like this:

>[perl subs=1]
>my @out = silly();
>return("@out");
>[/perl]

I changed this to [perl global=1 subs=1] and added AllowGlobal
foundation to interchange.cfg.

> unless ($sock) { die "cannot connect to post host" }
> $sock->autoflush(1);
> foreach $line (@out) {
>   print $sock "$line\n";
> }


An error occurred at the first mention of $line which was undeclared as
a my local. When fixed it made everything work beautifully. The post
office is now consulted for their current shipping prices on checkout, I
can go into business, my wife won't leave me and my kids won't die.

This is cause for celebration.