|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: CGIs running on Windows
From: Bluefish (P.Magnusson) (11a
GMX.NET)Date: Tue Oct 10 2000 - 02:08:23 CDT
- Next message: Daniel Roesen: "Re: Core Dump as an Intrusion Event"
- Previous message: Bluefish (P.Magnusson): "Re: Q: Voice over IP security - anyone?"
- In reply to: - Evil: "CGIs running on Windows"
- Next in thread: Joe: "Re: CGIs running on Windows"
- Reply: Bluefish (P.Magnusson): "Re: CGIs running on Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> open FILE, "$some_user_controllable_input;
> is secure on a machine running Windows? At least on
> machine
> running *nix it would be a big security hole.
I've unsure if you can do something weird here, like trying things like "|
command" and so; someone tried? But anyway, it's a big security hole if
the server has readable files which shouldn't be exposed to the internet.
As for windows programmers being more careless, perhaps youy should
refrase it as more clueless ;-)
..:::::::::::::::::::::::::::::::::::::::::::::::::..
http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
- Next message: Daniel Roesen: "Re: Core Dump as an Intrusion Event"
- Previous message: Bluefish (P.Magnusson): "Re: Q: Voice over IP security - anyone?"
- In reply to: - Evil: "CGIs running on Windows"
- Next in thread: Joe: "Re: CGIs running on Windows"
- Reply: Bluefish (P.Magnusson): "Re: CGIs running on Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]