At 9.23 7/10/97, Claes Bjorklund wrote: >Is this this cgi script dangerous? >$math = $FORM{'calc'}; >$res=eval "$math"; Yes. Now, it is not as dangerous as it is on a UNIX box, but it is still dangerous. Any Perl statement can be executed by the web user. Imagine the calculation was something like this, but only more damaging: MacPerl::Answer('Erase System Folder?', 'OK') -- Chris Nandor pudge@pobox.com http://pudge.net/ %PGPKey=('B76E72AD',[1024,'0824 090B CE73 CA10 1FF7 7F13 8180 B6B6']) ***** Want to unsubscribe from this list? ***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch