Vulnerability Development mailing list archives

Re: CGIs running on Windows

From: Joe <joe () blarg net>
Date: Tue, 10 Oct 2000 12:37:23 -0700

On Mon, 9 Oct 2000, - Evil wrote:

open FILE, "$some_user_controllable_input;

is secure on a machine running Windows? At least on machine running *nix
it would be a big security hole.


Unvalidated user supplied input supplied to an OPEN command is a big security
hole regardless of OS or programming language used. <os bigot=linux>Maybe
you see this more often in Win specific CGIs because Win programmers
are less clueful than *Nix programmers?</os bigot>

--
Joe                                     Technical Support
General Support:  support () blarg net     Blarg! Online Services, Inc.
Voice:  425/401-9821 or 888/66-BLARG    http://www.blarg.net

Current thread:

CGIs running on Windows - Evil (Oct 09)
- Re: CGIs running on Windows Bluefish (P.Magnusson) (Oct 10)
- Re: CGIs running on Windows Joe (Oct 10)
- <Possible follow-ups>
- Re: CGIs running on Windows Nik Cubrilovic (Oct 10)