|[Date Prev] [Date Next]||[Thread Prev] [Thread Next]||[Date Index] [Thread Index]|
Re: [nocol-users] security problems with webnocol.cgi,genweb.pl,notifier.pl, etc.
Those interested in securing code, perl or otherwise, might find useful links at http://www.shmoo.com/securecode/. For perl specifically the perlsec man page is worth a read. Scott Steve Thrasher wrote: > If I may make a quick suggestion - as for tightening things up a bit for > security purposes. It's always a good idea to use proven methods rather > than make things up as we go. I have found that majordomo has done a pretty > good job in the security arena. Of course there are always issues but > overall it's not bad. Maybe you could borrow some of their strategies that > seem to work pretty good. For example, their permission scheme is pretty > tight. Not bullet proof but well done. > > My $0.02 for what it's worth. > > --- > Steve Thrasher > Technology Director, UZIX > http://www.uzix.com/ > Keeping the simple, simple, > Making the difficult easy, > and automating the near impossible.