develooper Front page | perl.perl5.porters | Postings from October 2012

Re: Security Issues in perl-5.16.x

Thread Previous | Thread Next
From:
Chip Salzenberg
Date:
October 2, 2012 16:16
Subject:
Re: Security Issues in perl-5.16.x
Message ID:
CANSL5VExk7jw9YOUpi+AJMMKzdfhUy=ssdHaF6X+wr3eFXbVHA@mail.gmail.com
On Tue, Oct 2, 2012 at 6:12 AM, David Golden <xdg@xdg.me> wrote:
> Imagine some poorly implemented web server
> that dumps query parameters into %ENV

That's not a useful starting case.  It is stunningly insecure, NULs or no NULs.

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About