in reply to Can we top this security problem?

hehe...You guys like to overkill don't you:P
Take Merlyn's code and replace $evilcode with

qw(system "echo","+ +",">>~/.rhost";);

[download]
hell, merlyn prolly already thought of that:P I guess once you prove you can exploit the script it becomes more of a system discussion.

Replies are listed 'Best First'.
RE: Re: Can we top this security problem?
by merlyn (Sage) on Oct 06, 2000 at 18:23 UTC
    Right, the point of my script is that $evil_code can be any Perl code, so I've reduced the problem to "where do you want to go today?" with whatever choice of damage you want.

    -- Randal L. Schwartz, Perl hacker

[reply]

In Section Seekers of Perl Wisdom