>At 9.23 7/10/97, Claes Bjorklund wrote: >>Is this this cgi script dangerous? > >>$math = $FORM{'calc'}; >>$res=eval "$math"; > >Yes. Now, it is not as dangerous as it is on a UNIX box, but it is still >dangerous. Any Perl statement can be executed by the web user. > >Imagine the calculation was something like this, but only more damaging: > > MacPerl::Answer('Erase System Folder?', 'OK') > [...] Hi How I do a script which is safe,I understand must do some check of the input, please help me, I am a beginner Regards \Claes -------------------------------------------------- Claes Bjšrklund http://www.canit.se/~claes claes@canit.se finger claes@uno.canit.se -------------------------------------------------- ***** Want to unsubscribe from this list? ***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch