NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.
All the Perl that's Practical to Extract and Report
Friday August 29, 2003
What I don't get is why many ISPs don't allow ssh access to their boxes while at same time they allow you to run your own cgi scripts. If you can run arbitrary CGI then you can run arbitrary code on the server even without shell.
On similar note why SourceForge disallow SSH access to their CVS servers when they allow you to modify files in CVSROOT? If I can add commit and loginfo scripts there I can run arbitrary code on the server too.
For sysamins: better not waste your time on false security measures especially when it makes life of legimate users harder.
Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.