Re: static ip to dhcp conversion -- getting a hostname

To: debian-user@lists.debian.org
Subject: Re: static ip to dhcp conversion -- getting a hostname
From: Alan Shutko <ats@acm.org>
Date: Fri, 05 Mar 2004 15:10:50 -0600
Message-id: <[🔎] 874qt3f19h.fsf@wesley.springies.com>
In-reply-to: <[🔎] 6.0.0.22.0.20040305155147.129b4c68@pop.face2interface.com> (Marty Landman's message of "Fri, 05 Mar 2004 15:58:38 -0500")
References: <[🔎] 6.0.0.22.0.20040305155147.129b4c68@pop.face2interface.com>

Marty Landman <MLandman@face2interface.com> writes:

> Besides the problem of breaking things that work, isn't this also a
> potential security issue? 

Yes.  Broken scripts can break.

Checking against hostname has never been exceptionally secure.  

> It includes a provision for hard coding the domain it is installed
> to, which the script compares at run time against the
> $ENV{HTTP_REFERER}. If these don't match the email won't be sent.

You realize that someone could just send a different referer header?

-- 
Alan Shutko <ats@acm.org> - I am the rocks.
You read fiction novels? I read fiction on the nets.

Reply to:

Follow-Ups:
- Re: static ip to dhcp conversion -- getting a hostname
  - From: Marty Landman <MLandman@face2interface.com>

References:
- Re: static ip to dhcp conversion -- getting a hostname
  - From: Marty Landman <MLandman@face2interface.com>

Prev by Date: Re: swapping interfaces
Next by Date: Re: static ip to dhcp conversion -- getting a hostname
Previous by thread: Re: static ip to dhcp conversion -- getting a hostname
Next by thread: Re: static ip to dhcp conversion -- getting a hostname
Index(es):
- Date
- Thread