I really don't want to put words in Abigail-II's mouth, so I'll add my own. ;) I think that the point is that an ISP who allows its users to install CGI scripts from any source (including self-developed / written) without first reviewing the script is exposing themselves (and their clients) to security risks.

Today it may have been Matt's script. But how many times have we seen security-hole-ridden code posted here along with questions, by folks other than Matt Wright? It happens all the time, and one can only assume that such code eventually finds its way onto some unsuspecting ISP's system. And for every example we see here, there are thousands that never are seen by anyone aside from the script-kiddie (or sub-par professional) who wrote them, until the damage is done.

Any ISP who allows user-written and user-installed scripts onto its servers without prior review (a time-consuming and costly process), or without operating it in an environment that prohibits it from bad behavior, probably has serious breaches lurking that may be found eventually.

This is an unfortunate situation; a few bad apples ruin it for everyone. A substantial portion of ISPs have stopped allowing just anybody to post CGI scripts. This is a step in the right direction for security, and a step backward for the hobbyist, even if he/she produces secure code.


Dave


In reply to Re: Re: Matt's scripts strike again by davido
in thread Matt's scripts strike again by zentara
