Date: Sun, 17 Apr 2005 14:57:06 GMT From: Sam Lawrance <lawrance@FreeBSD.org> To: skywizard@time.net.my, lawrance@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/25272: Using lang/eperl as cgi/nph binary executor can give anybody the ability to view the content of any file Message-ID: <200504171457.j3HEv6XA011601@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
Synopsis: Using lang/eperl as cgi/nph binary executor can give anybody the ability to view the content of any file State-Changed-From-To: feedback->closed State-Changed-By: lawrance State-Changed-When: Sun Apr 17 14:55:12 GMT 2005 State-Changed-Why: The problem described is not specific to FreeBSD. A warning has been added to pkg-message describing the consequences of using eperl in CGI mode. http://www.freebsd.org/cgi/query-pr.cgi?pr=25272
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504171457.j3HEv6XA011601>