RE: cgi security aspects

2003-03-11 Thread Bob Showalter
Skorpion wrote: > can you give me a pice of advice of security aspects creating cgi > scripts working with apache server on linux running 2.2.19 kernel - > any backdoors i should be aware of ? See the security resources on the CGI Meta-FAQ: http://www.perl.org/CGI_MetaFAQ.html > is there any cha

cgi security aspects

2003-03-11 Thread Skorpion
can you give me a pice of advice of security aspects creating cgi scripts working with apache server on linux running 2.2.19 kernel - any backdoors i should be aware of ? is there any chance to get a root password via badly writen cgi script - i used mysql and psql dbd pure perl modules with dbi 1.

Re: perl cgi security

2002-11-01 Thread zentara
On Thu, 31 Oct 2002 15:56:59 -0500, [EMAIL PROTECTED] (Todd W) wrote: > >"Jim Lundeen" <[EMAIL PROTECTED]> wrote in message >news:3DBDA799.307DC69A@;jimmyjames.net... >> nothing that will work on Linux box? > >perlcc works... see below. Yeah, I have to say that the perlcc which comes with perl5.8.

Re: perl cgi security

2002-10-31 Thread Todd W
"Jim Lundeen" <[EMAIL PROTECTED]> wrote in message news:3DBDA799.307DC69A@;jimmyjames.net... > nothing that will work on Linux box? perlcc works... see below. > Admin-Stress wrote: > > > Nice, but that will produce .exe, executable file for Windows :( > > > > --- David Simcik <[EMAIL PROTECTED]>

RE: perl cgi security

2002-10-28 Thread Nikola Janceski
this reply. > -Original Message- > From: Abel Lucano [mailto:abel@;decode.com.ar] > Sent: Monday, October 28, 2002 4:35 PM > To: Jim Lundeen > Cc: Admin-Stress; [EMAIL PROTECTED] > Subject: Re: perl cgi security > > I understand instead that you want 'hide' your

Re: perl cgi security

2002-10-28 Thread Abel Lucano
On Mon, 28 Oct 2002, Jim Lundeen wrote: > nothing that will work on Linux box? > > Admin-Stress wrote: > > > Nice, but that will produce .exe, executable file for Windows :( > > > > --- David Simcik <[EMAIL PROTECTED]> wrote: > > > See perl2exe.exe for details on converting scripts into executable

Re: perl cgi security

2002-10-28 Thread Jim Lundeen
nothing that will work on Linux box? Admin-Stress wrote: > Nice, but that will produce .exe, executable file for Windows :( > > --- David Simcik <[EMAIL PROTECTED]> wrote: > > See perl2exe.exe for details on converting scripts into executables. > > > > -D > > _

RE: perl cgi security

2002-10-28 Thread Admin-Stress
Nice, but that will produce .exe, executable file for Windows :( --- David Simcik <[EMAIL PROTECTED]> wrote: > See perl2exe.exe for details on converting scripts into executables. > > -D __ Do you Yahoo!? Y! Web Hosting - Let the expert host your

RE: perl cgi security

2002-10-28 Thread David Simcik
See perl2exe.exe for details on converting scripts into executables. -D -Original Message- From: Jim Lundeen [mailto:jim@;jimmyjames.net] Sent: Monday, October 28, 2002 12:48 PM To: fliptop Cc: Admin-Stress; [EMAIL PROTECTED] Subject: Re: perl cgi security Isn't there a meth

Re: perl cgi security

2002-10-28 Thread Jim Lundeen
Isn't there a method of actually making an executable (compiled) out of a perl script? I heard/saw about is a year or so ago, but never investigated it. I'd be interested in finding out more if anyone has info. Thanks fliptop wrote: > On Sun, 27 Oct 2002 at 14:10, Admin-Stress opined: > > A:I

Re: perl cgi security

2002-10-28 Thread zentara
On Sun, 27 Oct 2002 14:10:58 -0800 (PST), [EMAIL PROTECTED] (Admin-Stress) wrote: >I am new to perl cgi. I would like to ask (maybe a silly question) : >Is it possible to VIEW the source code of a perl cgi from a website? >For example, I wrote a perl cgi like this http://www.myweb.com/cgi-bin/addc

Re: perl cgi security

2002-10-28 Thread fliptop
On Sun, 27 Oct 2002 at 14:10, Admin-Stress opined: A:Is it possible to VIEW the source code of a perl cgi from a website? sure, if your httpd server is improperly configured. A:For example, I wrote a perl cgi like this A:http://www.myweb.com/cgi-bin/addcustomer.pl A: A:The purpose of that script

perl cgi security

2002-10-27 Thread Admin-Stress
Hi, I am new to perl cgi. I would like to ask (maybe a silly question) : Is it possible to VIEW the source code of a perl cgi from a website? For example, I wrote a perl cgi like this http://www.myweb.com/cgi-bin/addcustomer.pl The purpose of that script is to add new customer into my MySQL dat

Re: CGI-security

2001-07-27 Thread Curtis Poe
--- Blader Robert G DLVA <[EMAIL PROTECTED]> wrote: > Hi folks, > > I confess - I'm a newbie. Not only that, I'm a newbie in over his > head. I'm trying to come up with guidelines for writing and perhaps testing > cgi scripts for security (lack thereof). Can anyone out there point me to

CGI-security

2001-07-27 Thread Blader Robert G DLVA
Hi folks, I confess - I'm a newbie. Not only that, I'm a newbie in over his head. I'm trying to come up with guidelines for writing and perhaps testing cgi scripts for security (lack thereof). Can anyone out there point me to resources - books, web sites, etc. that discuss this?