libxslt read file rights problems on debian Lenny under mod perl 2.0
by Cosimo Streppone other posts by this author
Oct 28 2009 3:51AM messages near this date
Re: Handler Chain (based on request method)
|
Re: libxslt read file rights problems on debian Lenny under mod perl 2.0
Hi everyone,
I'm experiencing a rather interesting problem after migrating
one of our web applications to debian lenny.
We have xml+xslt based web rendering, and we use XML::LibXSLT
(currently on Lenny, 0.66), to do this.
After migrating to Lenny, XML::LibXSLT refuses to read in
and parse any stylesheet, with errors like:
Local file read for /some/path/www/xsl/stylesheet.xsl refused
error
xsltLoadStyleDocument: read rights for /some/path/www/xsl/stylesheet.xsl
denied
compilation error: file /some/path/www/xsl/anotherone.xsl line 14
element include
xsl:include : unable to load /some/path/www/xsl/stylesheet.xsl
There's a deep investigation going on, but before any other details
I might add, does anyone know anything about this issue?
I can't think we're the first ones on Earth
working with libxslt under lenny's mp (or maybe we are :)
Now for the gory details.
If I patch libxslt itself to disable the security checks, everything
is fine. That means shortcircuiting xsltGetSecurityPrefs() to return NULL.
If I try to do this with the security callbacks API in XML::LibXSLT,
no way I can make this work under mod_perl. On command line, seems to
be fine. XML::LibXSLT passes all tests, even the security related.
If I hack XML::LibXSLT XS code to bypass the security checks,
*nothing happens* (???). It's like the security checks are still
there, even reinstalling the module and restarting apache. (???)
--
Cosimo
Thread:
Cosimo Streppone
Cosimo Streppone
|
