On Jan 26, 2005, at 10:50 AM, Marty Landman wrote:
At 09:59 AM 1/26/2005, Jason Dixon wrote:
I don't use FormMail.pl. As best I recall, it has had a history of security holes.
I believe the major problem is when you specify the recipient on a hidden form field. This makes a script available for hijacking to send spam from; stealing the webmaster's bandwidth and damaging their reputation. Or worse than that...
There are a LOT of problems with Matt's FormMail.pl. I took a cursory glance and was shocked at the lack of localized variables and what-not. And while I can appreciate the all-in-one behavior that made sense in 1996, most Perl folks like to take advantage of a little thing called *modules*. ;-)
</off-topic>
-- Jason Dixon DixonGroup Consulting http://www.dixongroup.net
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
