Keep It Simple, Stupid | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
From looking at your code, it appears that it is vulnerable to directory traversal attacks. If someone requests URLs like "/../../../../../../etc/passwd", you happily deliver the system's user database. Also I'd guess that you'll get a lot of warnings if a client terminates the connection without sending a request. However I may be wrong; I did not run your code, I only had a look at it. I realize that you are doing this only as an exercise, but I'd strongly recommend thinking about malicious input when writing networking software. In reply to Re: how to improve my script
by betterworld
|
|