[Israel.pm] securing CGI scripts
Shlomo Yona
shlomo at cs.haifa.ac.il
Sun Sep 26 23:08:41 PDT 2004
Hello,
I have a CGI script that is used to serve as a
"web-interface" (along with an HTML form) demo for a
commanline program I wrote.
I've been asked to put it on a public web server and allow
free access to this demo.
Now... the demo takes the input written in a FORM and pipes
it to a pipeline of oneliners and then prints back a
transformation of the returned output.
This "logic" seems very insecure and may result in data loss
on the server.
I wonder if you guys can give some finger-rules, suggestions
and tips that will enable me to get back to the script and
do something to increase its security.
Thanks.
--
Shlomo Yona
shlomo at cs.haifa.ac.il
http://cs.haifa.ac.il/~shlomo/
More information about the Perl
mailing list