in reply to do not use this script in a public environment!
in thread CGI- based calendar

Damn! Thanks a lot for pointing these facts out, I sorta hoped for some guidance with security issues. If you have any suggestions as for where to find tutorials etc. on writing safe CGI- scripts, please go ahead (yes, I know how to use a search engine, but still.. ). I hope nobody actually has used this.. //mjh
  • Comment on RE: do not use this script in a public environment!

Replies are listed 'Best First'.
RE: RE: do not use this script in a public environment!
by perlcgi (Hermit) on Jun 02, 2000 at 18:07 UTC
    A great source for CGI security info is CGI Programming with Perl. Chapter 8 on Security is free! on line at at O'Reilly.
[reply]
RE: do not use this script in a public environment!
by antihec (Sexton) on Jun 02, 2000 at 18:10 UTC
    > If you have any suggestions as for where
    > to find tutorials etc. on writing safe CGI-
    > scripts, please go ahead

    Well, actually I don't know any resources. Perhaps we should go start creating one around the Monastery here?

    Would Q&A be an ok Area for such a thing, or should we perhaps make it into a tutorial. I can't say I know enough about security to cover Everything(tm) - but with the help of fellow monks it could get a nice (and IMHO needed) thing.

    What are your thoughts on this?

    super: now I'm done writing this, I note a certain "perlcgi" obsoletes my node before even having finished it. Thanks a lot!
    ;-) 

    -- 
bash$ :(){ :|:&};:

    [download]
[reply]
[d/l]
      Well, the Perl security manpage at the Library is a very good read, though it doesn't really cover CGI. A must_read anyway. //mjh
[reply]
RE: RE: do not use this script in a public environment!
by antihec (Sexton) on Jun 03, 2000 at 01:30 UTC
[reply]
[d/l]

In Section Code Catacombs