|
From: | Shigio YAMAGUCHI |
Subject: | Re: A CGI security hole on Windows? |
Date: | Sat, 12 Mar 2016 09:45:24 +0900 |
Hello specialists of Windows,Doesn't the following code have a security hole on WIndows?[global.cgi]if ($^O eq 'MSWin32') {open(PIPE, "/usr/local/bin/global" . " --result=ctags-xid $flags $pattern |");} ...[completion.cgi]if ($^O eq 'MSWin32') {open(PIPE, "/usr/local/bin/global" . " -${flags}e $q |");} ...Though GNU GLOBAL does not support Windows, we need to get rid of dangerous code.Thank you in advance.Regards,Shigio--Shigio YAMAGUCHI <address@hidden>PGP fingerprint: D1CB 0B89 B346 4AB6 5663 C4B6 3CA5 BBB3 57BE DDA3
[Prev in Thread] | Current Thread | [Next in Thread] |