OF COURSE THIS COULD BE EXPLOITED. Jesus christ I would expect a three year old to be able to come up with that amazing conclusion. But that wasn't the point. The point was that the original poster wanted a script that would take commands via http/cgi and execute them on the local machine. There are hundreds of ways to secure this, I'm supposed to guess which exact one he wants to use?

And you know what? You could make this script perfectly secure without changing one line, simply by placing it in a password protected apache folder. There ya go, perfect security with my script. Is this the best solution? Of course not, as it stands now theres no security.

I didn't realize that posting solutions for people who ask questions required writing 300 line programs complete with pod documentation. All this code was meant to do was spur the original poster on to developing his own ideas, it just demonstrates the two basic functions he would need to do so, or atleast one way of doing so.

Judging by the number of down votes that node has received I can only guess that people either A) think the original post is so incredibly stupid that he won't realize theres no security in that script or B) want me to write all of the original posts code for him. As it happens I don't think the poster is stupid enough to use this unsecured and I'm not going to write the complete code necessary for every little request.

In reply to Re: Re: Re: Remote Administration using Apache mod_perl by BUU
in thread Remote Administration using Apache mod_perl by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.