Vulnerability Development mailing list archives

CGIs running on Windows

From: - Evil <ev1ldk () YAHOO COM>
Date: Mon, 9 Oct 2000 04:57:29 -0700

Since we have been discussing CGIs here, I would like
to address
a certain issue. We all know how dangerous CGI scripts
can
be - and we have seen many examples of it - and will
for a
long time. However it seems like the authors of CGIs
take
security less seriously if their script is meant for
Windows
- i.e. when doing open's. Does this mean that a:

open FILE, "$some_user_controllable_input;

is secure on a machine running Windows? At least on
machine
running *nix it would be a big security hole.

thanks!

__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

Current thread:

CGIs running on Windows - Evil (Oct 09)
- Re: CGIs running on Windows Bluefish (P.Magnusson) (Oct 10)
- Re: CGIs running on Windows Joe (Oct 10)
- <Possible follow-ups>
- Re: CGIs running on Windows Nik Cubrilovic (Oct 10)