louie miranda (axishift.ath.cx)
--
Security Is A Series Of Well-Defined Steps
chmod -R 0 / ; and smile :)
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
I have to secure a newly developed web search service that deals with
sensitive fiscal information, this originally consisted of Perl scripts that
called html pages or other scripts. The default page ran a rudimentary login
script that launched a variety of html pages or further scripts, the html
At 12:22 PM 9/18/2001 +0200, Grierson, Garry (UK07) wrote:
>I have to secure a newly developed web search service that deals with
>sensitive fiscal information, this originally consisted of Perl scripts that
>called html pages or other scripts. The default page ran a rudimentary login
>script that
1) Ok point taken.
2) Mabey a little unclear here: The script 'prints' a HTML page if the
password is accepted. When an option is selected from the HTML page it calls
another script passing the password data originally passed to the current
script as part of the HTML FORM information.
E.g.
(HTM
The internal people that have been granted access to the servers running
this system probably wouldn't have the knowledge or inclination to attempt a
hack. Only around eighty out of a possibly much higher number have been
given access although it is intended that some external users may be given
a
That doesn't sound a good idea at all. Anyone can view the (HTML) source of
a web page, and can pick anything they like out of it.
Having validated a user, by means of password or otherwise, I would create a
session code, (use MD5, or something), and embed this as a hidden field
within the HTML.
> use strict;
> use CGI;
> my $q = new CGI;
> my $password = $q->param( "password" );
>
> if ($password eq 'password'){ #only an example#
> print < ~~~ To Run Script Two, Three , Four ,
> etc.~~~
>
> It works but how secure is it assuming nobody is going to see the
> 'password'?
H
Hi:
i've got a simple question:
I have a variable $var and its value is 345.678975 (for example).
How can i format $var to became 345.67 only two digits after the
point...
Another question... my script is generating a html document and i want to
put the following text: US$
How can i put the
On Tue, 18 Sep 2001, Wagner wrote:
> I have a variable $var and its value is 345.678975 (for example).
> How can i format $var to became 345.67 only two digits after the
> point...
printf("%.2f", $var);
Note that this will do actual rounding of your number as well.
> Another question... my
At 04:37 PM 09/18/2001 +0200, Grierson, Garry (UK07) wrote:
>The internal people that have been granted access to the servers running
>this system probably wouldn't have the knowledge or inclination to attempt a
>hack.
Well, lets get our terminology straight first :)
To "hack" is a good thing...
I would go:
unless ( ($x < 50) || ($x > 80) ){
print "";
}
of course you could use and, or
you can only use and, or if your running at least Perl5
-Original Message-
From: "David Draley"<[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Date: Mon Sep 17 14:36:06 PDT 2001
Subject: "Unless"
I would run everything inside of a Secure Socket Layer (SSL) Win32 and/or use some
type of algorithm to encrypt the data between scripts. I would look into Digest::MD5,
it's a 128 bit one way hash algorithm. Go to CPAN for more info. Could be an idea to
get you started.
GL,
Mark Bergeron'
---
On Tue, 18 Sep 2001, Mark Bergeron wrote:
> I would go:
>
> unless ( ($x < 50) || ($x > 80) ){
> print "";
> }
No... that will return true for all values less than fifty or all values
more than 80. To get the numbers in between, you want numbers that are
more than 50 AND less than 80, the o
Very good. You're paying attention.
-Original Message-
From: "Brett W. McCoy"<[EMAIL PROTECTED]>
To: "Mark Bergeron"<[EMAIL PROTECTED]>
Cc: "David Draley"<[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Date: Tue Sep 18 15:23:22 PDT 2001
Subject: Re: "Unless" statement
>On Tue, 18 Sep 2001, Mark B
14 matches
Mail list logo
