Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation

Re: The Man Who Knew Too Little

by cjf (Parson)
on Jun 07, 2002 at 12:34 UTC ( [id://172501]=note: print w/replies, xml ) Need Help??

in reply to Apache/CGI config and shared library problem (xstat?) ( was: The Man Who Knew Too Little)

Don't use those scripts, take them offline now. Yes right now.

They have many major security vulnerabilities including using unchecked parameters as the path to open files. Please read Essential CGI Security Practices and make sure you understand all the points before placing a script online.

Replies are listed 'Best First'.
Re: Re: The Man Who Knew Too Little
by FoncÚ (Scribe) on Jun 07, 2002 at 12:41 UTC
    Hmm...okay then. Will do.

    In the meantime...aside from writing my own script, which is just not that good of an idea (yet) since I know so little, do you have any suggestions of a secure programme to use?

      A start would be looking at the NMS scripts. They won't replace it but will give you a few parts (such as a good formmail script) that could help.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://172501]
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others avoiding work at the Monastery: (5)
As of 2024-07-19 13:04 GMT
Find Nodes?
    Voting Booth?

    No recent polls found

    erzuuli‥ 🛈The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.