in reply to Re^3: running an executable from a cgi script
in thread running an executable from a cgi script
So you are allowing a user to upload a text file and your executable is doing some sort of processing on that file. Then yes, you have a potential security problem.
If you're greping the text file for some keywords and printing them back...not such a big deal. If you're letting the user upload a shell script and executing it for them...red alert! So we need to know what your executable is doing with the text.
If you're greping the text file for some keywords and printing them back...not such a big deal. If you're letting the user upload a shell script and executing it for them...red alert! So we need to know what your executable is doing with the text.
In Section
Seekers of Perl Wisdom