|
Posted by Vince Morgan on 12/18/06 00:25
"Ric" <antispam@randometry.com> wrote in message
news:em38b0$1mp$1@online.de...
> If one allows header injection he should not develop any kind of software.
>
In principal I would have to agree. However, with the exception that I have
develloped a lot of software that is very safe from such attacks.
Not because I knew about them and accounted for them, but because the
software I've develloped previously had either nothing whatsoever to do with
email, or the internet. With the possible exception of a peeer to peer chat
program, that had no email or similar capabilities.
The issues involved are quite different in almost all cases.
However, in principal, I most certainly should have paid much more attention
to security prior to this.
Header injection is not a common programming consideration, but quite
specific to certain types of software, and certainly SMTP.
My foray into PHP has been too hasty, no doubt whatsoever.
Thanks,
Vince Morgan
Navigation:
[Reply to this message]
|