[ale] OT - looking for some guidance with a perl script
Jerry Z. Yu
z.yu at voicecom.com
Mon Apr 21 09:02:45 EDT 2003
the dots need to be escaped, as it means 'any character' in perl
reg.
On Mon, 21 Apr 2003, F. Grant Robertson wrote:
#Jim,
#A regexp would probably be good enough..
#
#$path =~ s/..\///sg;
#
#something like that, you could refine it for your particular level of paranoia..
#
#Someone will probably have a better answer but, that's how I'd handle it
#
#-G
#
#"No, I don't think your paranoid, just the opposite. I think you have these insane delusions that everyone really likes you." - Woody Allen
#
#
#
#-----Original Message-----
#From: ale-admin at ale.org [mailto:ale-admin at ale.org]On Behalf Of Jim Lynch
#Sent: Monday, April 21, 2003 8:02 AM
#To: Ale
#Subject: [ale] OT - looking for some guidance with a perl script
#
#What I'm trying to figure out is how to prevent someone from getting to
#all the files on the system by adding /.. to the path or something else
#more devious. Now I could crack the path and look for a .. element or I
#could store all the possible paths in a database an use a key to access
#them. I'm not sure there might not still be a security problem with the
#first option and the second option seems to be overkill, besides,
#displaying the path will be beneficial to the user.
#
#---
#Outgoing mail is certified Virus Free.
#Checked by AVG anti-virus system (http://www.grisoft.com).
#Version: 6.0.474 / Virus Database: 272 - Release Date: 4/18/2003
#
#_______________________________________________
#Ale mailing list
#Ale at ale.org
#http://www.ale.org/mailman/listinfo/ale
#
Jerry Z. Yu +1-404-487-8544 (O)
systems engineer z.yu at voicecom.com
is support, voicecom, llc www.voicecom.com
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list