Re: Calling Perl from HTML

What is your point? The program as presented isn't insecure at all - everything is set from within the program. It would pass -T without a problem.

Of course you get problems if you do what you suggested above. But then, you will get the same problem if you do

    system "/bin/rm -rf /";
[download]

But that's just stupid, not insecure.

Abigail

Comment on Re: Calling Perl from HTML Download Code

Replies are listed 'Best First'.
Re: Re: Calling Perl from HTML by OEMike (Novice) on Jul 15, 2002 at 15:14 UTC
Plot Thickens: Turns out that the CGI is running, in that it sends an email to the account I specify, yet it still shows the error as reported -- I placed a generic print "test"; before the Close (SENDMAIL) and that never happens?!	[reply]
Re: Re: Calling Perl from HTML by stajich (Chaplain) on Jul 15, 2002 at 15:19 UTC
You're right and I definitely failed the stupid test today, sorry to have wasted your time/space on that.	[reply]
Re: Re: Re: Calling Perl from HTML by OEMike (Novice) on Jul 15, 2002 at 16:47 UTC
Stajich: You mentioned reading up on CGI Security - but the olderlink you posted doesnt work - any suggestions? Michael	[reply]