Hi Perrin, > -----Original Message----- > From: Perrin Harkins [mailto:suppressed > Sent: 30 March 2007 14:27 > To: Shah, Sagar: IT (LDN) > Cc: suppressed; suppressed; Client > Research Development > Subject: Re: "Insecure dependency in eval while running setgid" error > > On 3/30/07, suppressed > <suppressed> wrote: > > I did this yesterday along with the other debugging. > Unfortunately there > > doesn't seem to be a sequence of hits. The child process could have > > served multiple hits to the page in question or none at all. > > You need the sequence this child followed on ALL requests since it was > spawned, not just the ones from one specific page. We did do, the change we made was to the log format in the httpd.conf so we have the pid for every single access log entry. What we found is that sometimes the problem would occur with httpd processes that had served nothing other than this page and static content (gifs, js files etc.) . In other cases the httpd process had served cgi scripts and our other mod_perl page, but I don't think the other mod_perl page or the forked cgi's are relevant given that there are instances where only static content has been served. Is that a fair conclusion to make? As well as the access pid logging and the error log debugging we trussed the httpd, and while I'm no expert at reading truss and have very little C knowledge I couldn't spot anything untoward going on in terms of system calls. ------------------------------------------------------------------------ For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. ------------------------------------------------------------------------
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.