Reply to Re: [PHP] Secure system calls -- how

Your name:

Reply:


Posted by Niels on 02/11/05 20:15

Hi,

Jason Wong wrote:

> To put it simply you would have to check *extremely* carefully the user
> input to ensure that it is not malicious, and that it is what it should
> be. I believe your original problem was about writing procmail files.
No, not exactly.

Thank you just the same, you bring up another good point. In the extreme
case, when I want to be really sure of the file, I have to parse it, just
as I parse all other data from the user. Yikes, that's a lot of work! I'm
counting on not doing that, but making sure I escape_cmd or whatever it's
called -- isn't that almost as good?


- Niels

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация