Follow Slashdot stories on Twitter


Forgot your password?

Comment Most insecure scripts ever (Score 2, Insightful) 523

We had a campus wide ban on any of Wright's cgi stuff. Lot's of unescaped system() and exec() and `` from old Matty. One of his scripts is universally known as the best mail forwarder/spam relays ever. Another would actually pass rm -rf * to the command line. All you had to do was stuff a semicolon after the form input. I spent a whole semester writing secure work-a-likes to his scripts and also writing LWP stuff that would poke around for his scripts on our user webspace -- especially the formmailer. Egads.

"The hands that help are better far than the lips that pray." -- Robert G. Ingersoll