Re: handlers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: handlers

Subject: Re: handlers
Date: Tue, 01 Aug 2006 08:40:52 +0100
From: John ORourke <suppressed>

Frank Maas wrote:

On Tue, Aug 01, 2006 at 07:33:51AM +0100, John ORourke wrote:
You could even do something really clever and make it map URI ontomodule - eg. so /debitor/contract/create callsDebitor::Contract->create(), but that wouldn't be very secure!
Why would that be not very secure? Could you give an example of thingsthat go wrong?

As described, it would allow any person with access to the web server tocall any method of any installed Perl module! Just by adding somesimple checks to ensure only certain allowed modules and methods werecalled, it could become secure.


John

Follow-Ups:
- RE: handlers
  - From: Frank Maas

References:
- handlers
  - From: Vladimir S. Tikhonjuk
- Re: handlers
  - From: Scott Penrose
- Re: handlers
  - From: Vladimir S. Tikhonjuk
- Re: handlers
  - From: Scott Penrose
- Re: handlers
  - From: Vladimir S. Tikhonjuk
- Re: handlers
  - From: John ORourke
- Re: handlers
  - From: Frank Maas

Prev by Date: Re: handlers
Next by Date: Re: handlers
Previous by thread: Re: handlers
Next by thread: RE: handlers
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.