This is a fragment of dhelp's dsearch CGI script:
# Pass parameters to Swish++ search program
open (SEARCH, '-|')
or exec '/usr/bin/search++', '-i', '/var/lib/dhelp/swish++.index', "$search";
>From the Perl documentation it should be safe to pass "unsafe" characters
in $search (perldoc -f exec).
I would like to read your opinion before allowing such things like *
Think of it !
For projects and other business stuff please refer to COBOLT NetServices
(URL: http://www.cobolt.net; Email: firstname.lastname@example.org; Phone: 0041-1-3884400)
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org