We don't bite newbies here... much | |
PerlMonks |
(Ovid) Re(2): Preventing DOS attacks with CGI.pmby Ovid (Cardinal) |
on Aug 10, 2001 at 01:47 UTC ( [id://103663]=note: print w/replies, xml ) | Need Help?? |
Since Lincoln Stein has added these global variables in CGI.pm, he's clearly aware of DOS problems. He has these fairly well documented in his POD, so I also wonder why they're not set. My guess is that he realizes that there is a hole here but he's trying to maintain backwards compatibility. I understand that one or both of these variables have been removed in CGI.pm versions 3+, so I'm curious how this situation has been addressed. tachyon raised this issue in this post about a security problem with 3.01. Since these globals don't appear to be present, it seems that this code wouldn't work for the newer versions. Cheers, Vote for paco! Join the Perlmonks Setiathome Group or just click on the the link and check out our stats.
In Section
Seekers of Perl Wisdom
|
|