Re: Secure popen

From: Aaron Bentley (abentleyat_private)
Date: Wed Jun 20 2001 - 10:15:17 PDT

  • Next message: SBNelsonat_private: "RE: Secure popen"

    Hi Richard,
    Actually, we are writing a very complex CGI in C++, of which this is a small
    part.
    
    Aaron
    
    Richard Mirch wrote:
    
    > Is there any specific reason why you are writing a simple CGI in c++? If
    > it is for learning, then I can see the point but this can easily be done
    > securely and efficiently in PERL or perhaps PHP(never had a chance to do
    > this). With very few lines of actual code, PERL can sanitize your input.
    > IMHO - I would use PERL because its very easy to parse and strip out
    > strings quickly. Also, maintaining the code will be somewhat of a pain
    > using a compiled language. I dont know a safe alternative using c/c++
    > other then enforcing your input against an allowed character set. My safe
    > and quick alternative is to use PERL but that might not be an option for
    > you. Of course, whatever you use, you need to validate your input - just a
    > matter of how much time you want to take up.
    >
    > -Rich
    
    --
    Aaron Bentley
    Manager of Information Technology
    PanoMetrics, Inc.
    



    This archive was generated by hypermail 2b30 : Wed Jun 20 2001 - 17:36:31 PDT