Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Re^5: Perl CGI - Viewing logfiles - Security Issues

by Melly (Hermit)
on Jan 10, 2007 at 19:09 UTC ( #593982=note: print w/ replies, xml ) Need Help??


in reply to Re^4: Perl CGI - Viewing logfiles - Security Issues
in thread Perl CGI - Viewing logfiles - Security Issues

The point is that you don't need the softlink - indeed, as long as you keep it, your security will be compromised. Get rid of it.

My script, for example, runs with links like:

<a href="/cgi-bin/viewlogs.pl?log=1">Access log</a>

Your links might look like:

<a href="/cgi-bin/viewlogs.pl?username=foobar">Foobar's log</a>

Once more with feeling, your perl-script can access files that are not accessable to the web-server directly, and that is the way to keep content secure.

map{$a=1-$_/10;map{$d=$a;$e=$b=$_/20-2;map{($d,$e)=(2*$d*$e+$a,$e**2 -$d**2+$b);$c=$d**2+$e**2>4?$d=8:_}1..50;print$c}0..59;print$/}0..20
Tom Melly, pm@tomandlu.co.uk


Comment on Re^5: Perl CGI - Viewing logfiles - Security Issues
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://593982]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (8)
As of 2015-07-08 04:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (94 votes), past polls