I beleive not mine because i am a newbie user and i cant know whether or not my website has security flaws or holes (at the moment i just want my webpage to work), security is not my conecrn now. I beleive the company should have imagined that might these could happened and prevent them
First of all, you better believe it is your responsibility! Your lack of skill is no excuse for putting flawed code on a website. You should have bothered to read and educate yourself on safe CGI coding practices. You should have bothered to use Safe and taint mode and scrutinized the data input into your script.
The "I didn't know any better" excuse is tired and lame. It's the same excuse used by the people at the office who get infected with viruses over and over. "I didn't know I shouldn't open attachments in strange emails sent to me which promise nude pictures of Britney..."
Now, the company could have done a few things to make the environment you were allowed to execute your scripts in a little safer. But any company that allows any random n00b to install CGIs on their server is "a little whacked". However, that doesn't absolve you of need to code responsibly.
And one more thing. I find the comment "security is not my concern" appalling! It sure is your concern. You and every other person who posts crappy code on that website. Otherwise you can look forward to LOTS more downtime.
Later
In reply to Re: Company hacks through my Perl's Website Security hole
by pzbagel
in thread Company hacks through my Perl's Website Security hole
by Nik
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |