[Melbourne-pm] security hole

Raphael Alla raphael at mitija.com
Sat Jan 28 20:50:53 PST 2006


*Let's condider the following perl cgi script. I cannot find a practical way
to use it as a security hole. Any suggestion?

*#!/usr/bin/perl
my $sub = $ENV{QUERY_STRING};
&{$sub};


--
Raphael Alla
Mitija Australia
+61 4 15 678 576

Premium open source accounting for Australia
http://www.thetravelingaccountant.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pm.org/pipermail/melbourne-pm/attachments/20060129/de7c5337/attachment.html


More information about the Melbourne-pm mailing list