Your skill will accomplish what the force of many cannot |
|
PerlMonks |
Re: how to improve my scriptby betterworld (Curate) |
on Jun 15, 2009 at 13:27 UTC ( [id://771655]=note: print w/replies, xml ) | Need Help?? |
From looking at your code, it appears that it is vulnerable to directory traversal attacks. If someone requests URLs like "/../../../../../../etc/passwd", you happily deliver the system's user database. Also I'd guess that you'll get a lot of warnings if a client terminates the connection without sending a request. However I may be wrong; I did not run your code, I only had a look at it. I realize that you are doing this only as an exercise, but I'd strongly recommend thinking about malicious input when writing networking software.
In Section
Seekers of Perl Wisdom
|
|