|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: CGIs running on Windows
From: Joe (joe
BLARG.NET)Date: Tue Oct 10 2000 - 14:37:23 CDT
- Next message: Kay Three: "Re: SUID server"
- Previous message: Joe: "Re: WebWasher"
- In reply to: - Evil: "CGIs running on Windows"
- Next in thread: Nik Cubrilovic: "Re: CGIs running on Windows"
- Reply: Joe: "Re: CGIs running on Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 9 Oct 2000, - Evil wrote:
> open FILE, "$some_user_controllable_input;
>
> is secure on a machine running Windows? At least on machine running *nix
> it would be a big security hole.
Unvalidated user supplied input supplied to an OPEN command is a big security
hole regardless of OS or programming language used. <os bigot=linux>Maybe
you see this more often in Win specific CGIs because Win programmers
are less clueful than *Nix programmers?</os bigot>
-- Joe Technical Support General Support: support
- Next message: Kay Three: "Re: SUID server"
- Previous message: Joe: "Re: WebWasher"
- In reply to: - Evil: "CGIs running on Windows"
- Next in thread: Nik Cubrilovic: "Re: CGIs running on Windows"
- Reply: Joe: "Re: CGIs running on Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]