[VPM] alternative to perl's Open?
abez
abez at abez.ca
Tue Sep 7 11:24:55 CDT 2004
>From CGI.pm
my $query = CGI->new;
$filename = $query->param('uploaded_file');
while(<$filename>) { print; }
The file is saved to a tmp dir and then opened. $filename is the file
handle. It doesn't matter what the user named their file.
If you are running perl code that other people supply you really can't
stop much. For instance they could have just forked a telnet daemon.
I'd suggest running the perl scripts under a user who didn't have
privileges to anything.
chroot can also help you.
So make a little mini installation of perl. When you run a script chroot
to the sandbox and setuid to something very weak.
abram
On Tue, 7 Sep 2004, Carl B. Constantine wrote:
> A recent hack here at UVic caused no end of grief for system staff. We
> managed to shut the cracker down, but not before quite a bit of damage
> was done to 75 web pages.
>
> The exploit took advantage of a perl CGI script that used the Open
> command. The perl script is supposed to take a file, upload it to the
> site and run the file (used for testing people's course code). The
> cracker took advantage of that and included a standard pipe '|' in the
> command to wget and the rest is, as they say, history.
>
> So my question is, how do you code around that? If you need to do
> something like this, what should you do?
>
> Thanks in advance.
>
>
--
abez ------------------------------------------
http://www.abez.ca/ Abram Hindle (abez at abez.ca)
------------------------------------------ abez
More information about the Victoria-pm
mailing list