in reply to Re^3: running an executable from a cgi script
in thread running an executable from a cgi script
So you are allowing a user to upload a text file and your executable is doing some sort of processing on that file. Then yes, you have a potential security problem.
If you're greping the text file for some keywords and printing them back...not such a big deal. If you're letting the user upload a shell script and executing it for them...red alert! So we need to know what your executable is doing with the text.
If you're greping the text file for some keywords and printing them back...not such a big deal. If you're letting the user upload a shell script and executing it for them...red alert! So we need to know what your executable is doing with the text.
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^5: running an executable from a cgi script
by Angharad (Pilgrim) on Feb 09, 2006 at 17:05 UTC |
In Section
Seekers of Perl Wisdom