RE: Perl code security (CGI related)
From: jnf (jnf_at_datakill.org)
Date: 04/06/04
- Previous message: Glynn Clements: "Re: How does GCC > 3.* do the padding in memory allocation?"
- Maybe in reply to: Rick Zhong: "Perl code security (CGI related)"
- Next in thread: Sebastian Krahmer: "Re: Perl code security (CGI related)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 6 Apr 2004 01:21:39 -0500 (EST) To: Michael Silk <silkm@hushmail.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
hrm, clever- ive never thought of that- and im sure it would come out
'cleaner' than adding a null byte.
j
- --
It is only the great men who are truly obscene. If they had not dared to
be obscene, they could never have dared to be great.
-- Havelock Ellis
On Mon, 5 Apr 2004, Michael Silk wrote:
> Yes, My example was only to exec shell command, not specific
> for the code posted ... you'd probably be better off inputting
> something like:
> --------------------
> $default = " someCommonPm.pm;\nsystem(\"ls\");\n#";
> --------------------
>
> to just comment out the remaing chars ...
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (OpenBSD)
iD8DBQFAckx3sKAeTAhLiCERAutOAKCB6zyGbhQtHm37PDnNFvghe3WxqgCdEAgu
vMPI5kQHCP0/Q9KWr0sL+EA=
=clgH
-----END PGP SIGNATURE-----
- Previous message: Glynn Clements: "Re: How does GCC > 3.* do the padding in memory allocation?"
- Maybe in reply to: Rick Zhong: "Perl code security (CGI related)"
- Next in thread: Sebastian Krahmer: "Re: Perl code security (CGI related)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
