Re: security on a html page with perl.

On Tue, 24 Aug 2004, Jose Alves de Castro wrote: One thing that could be done was to have the page with the form generate the hidden field in a way that only the script could validate it... But that's exactly the problem I'm talking about -- what would that solve? The machinery to do that well w

Re: security on a html page with perl.

On Tue, 2004-08-24 at 15:36, Chris Devers wrote: > On Tue, 24 Aug 2004, Jose Alves de Castro wrote: > > > On Tue, 2004-08-24 at 15:22, Chris Devers wrote: > > > >> The obvious way I can think of to do this is to make the download page a > >> script that checks to see that: > >> > >>* mandatory

Re: security on a html page with perl.

On Tue, 24 Aug 2004, Jose Alves de Castro wrote: On Tue, 2004-08-24 at 15:22, Chris Devers wrote: The obvious way I can think of to do this is to make the download page a script that checks to see that: * mandatory form fields are defined as input for the download script * the referring page

Re: security on a html page with perl.

On Tue, 2004-08-24 at 15:22, Chris Devers wrote: > On Tue, 24 Aug 2004, Joe Echavarria wrote: > > > After a user fill out a form and submit it a perl > > script takes the user to a download page of my > > website. how can i prevent a user from directly > > access the download page using the web

Re: security on a html page with perl.

On Tue, 24 Aug 2004, Joe Echavarria wrote: After a user fill out a form and submit it a perl script takes the user to a download page of my website. how can i prevent a user from directly access the download page using the web browser.., for example http://www.mydomain.com/download_page.html, i o

OT: RE: Security Question

I think this is off-topic for this list. It's more of a cryptography question than a Perl question (and it's not even really a question). -Original Message- From: Jenda Krynicky [mailto:[EMAIL PROTECTED] Sent: Monday, April 26, 2004 3:44 PM To: [EMAIL PROTECTED] Subject: Re

Re: Security Question

From: WC -Sx- Jones <[EMAIL PROTECTED]> > Originally I asked this question around 1998, I'd like to see > if anything new has occurred since then because the client I > wrote the security code for which generated this key is *still* > using that application today - > > > Please, decode this key:

Re: Security Question

On Apr 23, 2004, at 9:04 PM, WC -Sx- Jones wrote: [..] Please, decode this key: SxEyj/gJs5pXISX11386025 Thank you in advance :) [..] My compliments to your wit. ciao drieux --- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

RE: Security Code Validation for Forms

> Hi All, I know of a service that I helped develop that uses Encryption and the Imager Module to do this. Email me off list if your interested in details of that service. Thanks, Dan > > I am trying to find a way, to place a security code image on > to a web form, so that the user, has to

Re: Security Code Validation for Forms

Adam Gent wrote: Hi All, I am trying to find a way, to place a security code image on to a web form, so that the user, has to copy the text from the image into a text field before they can continue, similar to hotmail, paypal etc I have been looking around the web and on CPAN for a solution to thi

Re: security check

--- [EMAIL PROTECTED] wrote: > I need your guys opinion. I'm thinking of having a sub ran in every sub to > check to make sure this script is being ran only through my own domain. I > think this will only break down a valid referral from > http://www.digital-drakon.com/*anything* . The only

Re: Security question re POST data

From: Shaun Fryer <[EMAIL PROTECTED]> > Please take into account that I'm new at this... > > Rather than using CGI.pm, I'm using the following library sub-routine > which was passed to me by a friend (I think from one of the O'Reilly > books). Especialy since you are new at this you should use

Re: Security question re POST data

On Apr 5, Shaun Fryer said: >Rather than using CGI.pm, I'm using the following library sub-routine >which was passed to me by a friend (I think from one of the O'Reilly >books). What I'm wondering is if Perl 5 has any built in functionality I highly doubt it was found in an O'Reilly book -- if i

Re: Security advice: SHA vs crypt for authenticator

Wednesday, January 16, 2002, 6:45:40 PM, [EMAIL PROTECTED] wrote: > I'm using a nice little GDBM file for authentication. It just stores users > and passwords as SHA1 hashes. When I need to authenticate someone (fewer > than 15 lines in the dbm file) I just tie it and compare the SHA'd user > inp

Re: Security advice: SHA vs crypt for authenticator

On Wednesday 16 January 2002 11:45 am, [EMAIL PROTECTED] wrote: > Hello, > I'm using a nice little GDBM file for authentication. It just stores users > and passwords as SHA1 hashes. When I need to authenticate someone (fewer > than 15 lines in the dbm file) I just tie it and compare the SHA'd user

Re: Security Mechanisms with Perl/Apache on an Hosted Website???

On 9/25/01 10:26 AM, "Bill Jones" <[EMAIL PROTECTED]> wrote: > That is a big can of worms... > > There are various ways to get what you want - some better and more secure > than others; but not having root access is not a big deal... > > Something that may help point you in a better direction:

Re: Security Mechanisms with Perl/Apache on an Hosted Website???

fmteyewtka remote authentication: http://library.smc.edu/rpa.htm > Hey folks, > I'm trying to cobble together some form of authentication mechanism on a > website I am building for a friend. His ISP uses Perl & Apache (it's on a > linux box). I (obviously) don't have root priviledges and have lim

Re: Security Mechanisms with Perl/Apache on an Hosted Website???

On 9/25/01 11:10 AM, "David Simcik" <[EMAIL PROTECTED]> wrote: > Hey folks, > I'm trying to cobble together some form of authentication mechanism on a > website I am building for a friend. His ISP uses Perl & Apache (it's on a > linux box). I (obviously) don't have root priviledges and have limit

Re: Security

>although I am not really knew to programming I never bothered about >security. I know that > >perldoc perlsec > >provides information about security, but I don't understand half of what I >am reading. Does anyone know where I can find good tutorials for beginners? Please provide more informatio

Re: Security Question (follow-up question)

> Bob Mangold <[EMAIL PROTECTED]> said: > This is somewhat alarming to me because I hadn't realized this potential > before, but is there an easy way to check what is being opened. Would using a > -f() or -d() to verify that you were actually opening a file or directory do > the trick? Be mindfu

RE: Security Question (follow-up question)

t; > So don't be afraid to use 'open' if you know exactly what you're opening ... > ;) > > -Original Message- > From: Mooney Christophe-CMOONEY1 > [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 31, 2001 9:41 AM > To: Perl Beginners > Subject:

Re: Security Question

On Tue, 31 Jul 2001, Customer Service wrote: > I was reading a reply to a question this morning that stated that the open() > call is a big security hole because someone could put in ";rm -rf ." as the > value for $email. > What does ";rm -rf ." do? Why is it so dangerous? rm -rf deletes every

RE: Security Question

. ;) -Original Message- From: Mooney Christophe-CMOONEY1 [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 31, 2001 9:41 AM To: Perl Beginners Subject: RE: Security Question 'rm -rf .' is a unix command that removes everything in the current direcotry PERMANENTLY and UNCONDITION

RE: Security Question

'rm -rf .' is a unix command that removes everything in the current direcotry PERMANENTLY and UNCONDITIONALLY -Original Message- From: Customer Service [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 31, 2001 9:44 AM To: Perl Beginners Subject: Security Question Dear Sirs, I first of all