If this script is called security.cgi, and you invoke it like this:
hostname/security.cgi?sub_name, then it will call the sub sub_name (it
is a call of sub by reference).<br><br>Potentially a user can call any
sub from any module which it has available to it. It is seen as a bad
habit to give the right to anyone on the internet to execute any sub on
your system, yet I fail to find a practical threat coming from this
specific construct.
<br><span class="sg"><br>R.</span><br><br><div><span class="gmail_quote">On 1/29/06, <b class="gmail_sendername">David Dick</b> <<a href="mailto:david_dick@iprimus.com.au">david_dick@iprimus.com.au</a>> wrote:</span>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br><br>Raphael Alla wrote:<br>> *Let's consider the following perl cgi script. I cannot find a practical
<br>> way to use it as a security hole. Any suggestion?<br>><br>> *#!/usr/bin/perl<br>> my $sub = $ENV{QUERY_STRING};<br>> &{$sub};<br><br>Maybe I'm just a little tired after the weekend, but this script would
<br>appear to not do anything apart from cause an error. What are you trying<br>to achieve?<br><br></blockquote></div><br><br clear="all"><br>-- <br>Raphael Alla<br>Mitija Australia<br>+61 4 15 678 576<br><br>Premium open source accounting for Australia
<br><a href="http://www.thetravelingaccountant.com">http://www.thetravelingaccountant.com</a>
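The construct discussed in this thread resolves a sub by name from the query string. As an added example (not code from either poster), here is the usual hardened alternative: an explicit dispatch table, so a request can only reach subs the script author listed. The handler names `show_status` and `show_help` and the sample query strings are assumptions made up for illustration.

```perl
#!/usr/bin/perl
use strict;      # strict refs makes calling &{$sub} with a string in $sub a fatal error
use warnings;

# Hypothetical handlers; the names are illustrative only.
sub show_status { return "status: ok\n" }
sub show_help   { return "usage: security.cgi?show_status\n" }

# Allowlist: only subs listed here are reachable from a request.
my %DISPATCH = (
    show_status => \&show_status,
    show_help   => \&show_help,
);

# Map a raw query string to (HTTP status, body) without ever using it as a sub name.
sub dispatch {
    my ($query) = @_;
    $query = '' unless defined $query;
    # Plain identifier only: rejects package separators (:: and '), '=', '&', etc.
    return (400, "bad request\n")
        unless $query =~ /\A[A-Za-z_][A-Za-z0-9_]{0,63}\z/;
    my $handler = $DISPATCH{$query}
        or return (404, "unknown action\n");
    return (200, $handler->());
}

if (defined $ENV{GATEWAY_INTERFACE}) {
    # Running under a web server: answer the real request.
    my ($code, $body) = dispatch($ENV{QUERY_STRING});
    print "Status: $code\r\nContent-Type: text/plain\r\n\r\n$body";
}
else {
    # Constructed sample query strings, for running the file from a shell.
    for my $q ('show_status', 'show_help', 'dispatch', 'Other::Module::some_sub', '') {
        my ($code, $body) = dispatch($q);
        printf "%-26s -> %d %s", "'$q'", $code, $body;
    }
}
```

Note that `dispatch` is itself a sub defined in the file, yet a request naming it is answered with 404 because it is not in the table; reachability is decided by the allowlist, not by what happens to be loaded.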