in reply to Apache/CGI config and shared library problem (xstat?) ( was: The Man Who Knew Too Little)

Don't use those scripts, take them offline now. Yes right now.

They have many major security vulnerabilities including using unchecked parameters as the path to open files. Please read Essential CGI Security Practices and make sure you understand all the points before placing a script online.

Replies are listed 'Best First'.
Re: Re: The Man Who Knew Too Little
by Foncé (Scribe) on Jun 07, 2002 at 12:41 UTC
    Hmm...okay then. Will do.

    In the meantime...aside from writing my own script, which is just not that good of an idea (yet) since I know so little, do you have any suggestions of a secure programme to use?
[reply]

      A start would be looking at the NMS scripts. They won't replace it but will give you a few parts (such as a good formmail script) that could help.

[reply]

In Section Seekers of Perl Wisdom