Re: Apache and perl CGI

To: debian-user@lists.debian.org
Subject: Re: Apache and perl CGI
From: Patter <steve@patter.mine.nu>
Date: Mon, 3 Dec 2007 16:54:45 +0000
Message-id: <[🔎] lvod25-o9q.ln1@moriarty.lan>
References: <[🔎] 20071202220344.GB5137@alfa.qvirt.zxc> <[🔎] FBE0453C-B3F2-4791-86CC-CBCB632E5ADF@inkfist.com>

On Mon, 03 Dec 2007 16:40:16 +0100, Bogart Salzberg wrote:
> Perl has a "taint" mode (add switch "-T" to the command line or  
> shebang line, as in "#!/usr/bin/perl -T"). The taint mode, I think,  
> prevents user input from being used in unsafe operations until it is  
> filtered by a regular expression.
>
> Taint mode is not as comprehensive as PHP's safe mode. Type "perldoc  
> perlsec" on the command line for a good tutorial on security in Perl.

You should also add 'use strict' & 'use warnings' to your perl scripts,
they're both very useful for keeping your code healthy.

http://perlmonks.org/?node_id=111088

> Perl also does not have a built-in "mail" function.

You can use MIME::Lite for that, or write directly to sendmail. You
probably don't want to allow people to enter the email destination
address.


-- 
Stephen Patterson :: steve@patter.mine.nu :: http://patter.mine.nu/
GPG: B416F0DE :: Jabber: patter@jabber.earth.li 
"Don't be silly, Minnie. Who'd be walking round these cliffs with a gas oven?"

Reply to:

Follow-Ups:
- Re: Apache and perl CGI
  - From: Misko <adatrg-mlist@yahoo.com.au>

References:
- Apache and perl CGI
  - From: Misko <adatrg-mlist@yahoo.com.au>
- Re: Apache and perl CGI
  - From: Bogart Salzberg <webmaster@inkfist.com>

Prev by Date: Re: SUDO
Next by Date: Re: I have a problem with Courier Imap
Previous by thread: Re: Apache and perl CGI
Next by thread: Re: Apache and perl CGI
Index(es):
- Date
- Thread