> The answer to your question is: Be afraid, be very afraid. A wiley cracker > may be able to run system commands if you allow him/her to upload code. Even > without knowing that much, they could simply create a script that generates > a big enough upload to cause DoS (denial of service) on your server. My > advice is always to err on the side of caution. Never think "that would > never happen on MY site."
Well, does it help that this code snippet we have been looking at is not in a file with a .cgi or .pl extension, but in a .pm file being used by the actual .cgi file that people would be posting to. Jes' curious.. Thanks 4 All Luke -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
