CGI Security, reminder to myself

Sadhunathan Nadesan sadhu at castandcrew.com
Fri Feb 14 17:10:01 EST 2003


Greetings,

A few weeks ago I posted some 'how to' notes on this list for developing
a web enabled, postgres based application, based on earlier work from
Pierre.  It was a series of mails.  I've made it into a presentable
single html doc so I can eventually post it maybe like Scott did with
graphical "top" on Linux Journal.  Or somewhere. (Actually Scott's
top is also on metacard.com under white papers and just like he said,
it runs right out of the box using only the free trial version of MC).

In any case, did anyone notice any gaping security holes in that cgi
application I posted?

There was one.

Curious?

This is a reminder to myself to write to y'all about that, and also
update my how-to faq.

Aloha, 
Sadhu




More information about the metacard mailing list