|Come for the quick hacks, stay for the epiphanies.
Re^4: running an executable from a cgi scriptby swkronenfeld (Hermit)
|on Feb 09, 2006 at 16:58 UTC
So you are allowing a user to upload a text file and your executable is doing some sort of processing on that file. Then yes, you have a potential security problem.
If you're greping the text file for some keywords and printing them back...not such a big deal. If you're letting the user upload a shell script and executing it for them...red alert! So we need to know what your executable is doing with the text.