PerlMonks  

Re: Vetting a CGI script

by calin (Deacon)
on Nov 12, 2003 at 17:35 UTC ( [id://306564]=note )


in reply to Vetting a CGI script

I don't know anything about cgi-lib.pl. However, if I were to code this fascist-style, these thoughts would cross my mind:

  • Use the three-or-more-argument version of open. It's safer.
  • Turn $mailprog into a lexically scoped variable or constant (use constant ...). Messing with it is unlikely, but I'm following my fascist mindset.
  • Passing improperly untainted data to sendmail screams SPAM GATEWAY!
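
The three suggestions above applied together, as an added example that is not part of the post or of the script under review. The sendmail path, the recipient address, and the names `MAILPROG`, `clean_address`, `clean_header` and `send_feedback` are assumptions made for illustration.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;

# Assumed sendmail location; a constant cannot be reassigned at run time.
use constant MAILPROG => '/usr/sbin/sendmail';

# Taint mode refuses to run a program until the environment is sanitised.
$ENV{PATH} = '/usr/sbin:/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Untaint by matching a deliberately narrow pattern and keeping the capture.
# \A...\z rejects CR/LF, so the value cannot smuggle in extra headers.
sub clean_address {
    my ($raw) = @_;
    return unless defined $raw;
    return $1 if $raw =~ /\A([A-Za-z0-9._+-]{1,64}\@[A-Za-z0-9.-]{1,255})\z/;
    return;
}

# One-line header value: printable ASCII only, no line breaks.
sub clean_header {
    my ($raw) = @_;
    return unless defined $raw;
    return $1 if $raw =~ /\A([\x20-\x7E]{1,200})\z/;
    return;
}

sub send_feedback {
    my ($from_raw, $subject_raw, $body) = @_;
    my $from    = clean_address($from_raw)   // die "rejected sender address\n";
    my $subject = clean_header($subject_raw) // die "rejected subject\n";

    # The recipient is fixed in the script, never taken from the form.
    my $to = 'webmaster@example.org';    # placeholder address

    # List-form open: no shell runs, each argument reaches sendmail as-is.
    # -oi: a lone "." in the body does not end the message; "--" ends options.
    open(my $mail, '|-', MAILPROG, '-oi', '--', $to)
        or die "cannot run " . MAILPROG . ": $!\n";
    print {$mail} "To: $to\nFrom: $from\nSubject: $subject\n\n$body\n";
    close($mail) or die "sendmail failed: status $?\n";
    return 1;
}

# Constructed inputs: the second one tries to append a Bcc header.
for my $in ('alice@example.org', "alice\@example.org\nBcc: list\@example.net") {
    printf "%s\n", defined clean_address($in) ? 'accepted' : 'rejected';
}
```

Run it as `perl -T script.pl` (or execute it directly) so that the `-T` switch on the `#!` line takes effect; the loop at the end only exercises the validators and sends no mail.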
