Hi Ronald, Ronald F. Guilmette wrote: > Below is a trivially simple example of how this security flaw can > cause a problem, in practice: > > ===================================================================== > #!/usr/bin/perl -w > > use strict; > use CGI::Lite; > > my $cgi = new CGI::Lite; > my %form = $cgi->parse_form_data; > my $recipient = $form{'recipient'}; > > my $message = "From: sender\nSubject: Hello\n\nHello my friend!\n\n"; > > $recipient = escape_dangerous_chars ($recipient); > > open (SM, "|/usr/sbin/sendmail -f rfg $recipient"); ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Uhm... no matter how you escape dangerous stuff but you should not be using that code in the first place... Better would be... $pid = open(MAIL, "|-"); defined ($pid) or die "Fork: $!"; if (!$pid) { exec '/usr/lib/sendmail', '-t', '-oi' || exit 255; } print MAIL "To: $to\n"; print MAIL "From: $from\n"; print MAIL "Subject: $subject\n"; ... ... Peace, --T -- tee at T72 dot org - "On kolmenlaisia ihmisiä - niitä jotka ovat matemaattisesti lahjakkaita ja niitä jotka eivät ole."