[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

[MacPerl] CGI question

To: mac-perl@iis.ee.ethz.ch
Subject: [MacPerl] CGI question
From: Aperghis-Tramoni Sebastian <madingue@cis.uni-muenchen.de>
Date: Mon, 18 Aug 97 14:47:22 +0200
References: <33F575F7.3564@ruraltel.net>


I have written a CGI which works (for now! :-) ) but I'd want to add a  
feature which uses Perl regexp. So my question is: does anyone can use the  
following code in order to do forbidden things ?

    eval " \$found = m#$regexp# "

where the $regexp variable directly comes from $ENV{'QUERY_STRING'}.

I would really like to know that because for now, I can't find any hole, and  
I don't want to use something which could be dangerous in my CGI..

Thanks in advance.

***** Want to unsubscribe from this list?
***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch

Follow-Ups:
- Re: [MacPerl] CGI question
  - From: David McWherter <dtm@water.waterw.com>

References:
- [MacPerl] Mac Server --> Fake IP
  - From: rbuff@ruraltel.net (Richard Duff)

Prev by Date: Re: [MacPerl] MacPerl 5.1.4b1 on 68k?
Next by Date: Re: [MacPerl] OSA Extention for PERL
Prev by thread: Re: [MacPerl] Mac Server --> Fake IP
Next by thread: Re: [MacPerl] CGI question
Navigation: Date Index | Thread Index | Search | Other lists at bumppo.net