Search open source code. All of it.
For instance, but who the heck would change these anyway?
Who uses Net::SMTP::SSL?
Uses of sprintf in any Perl code.
Who uses Net::SMTP::SSL
Re:Googling for bugs
chromatic on 2006-10-06T07:19:40
#include <stdio.h>Re:Googling for bugs
rafael on 2006-10-06T10:49:58
Like SQL injection vulnerabilities in PHP code.Re:Googling for bugs (Perl CGI injection attacks)
Corion on 2006-10-06T11:48:35
And param() injection attacks for Perl, as heard in a Birmingham 2006 talk by MOCK and regurgitated on Perlmonks.
Management summary: Don't use foo => $q->param(), to fill a hash if you care about the other values, like is_admin => 0.
Re:Googling for bugs (Perl CGI injection attacks)
Corion on 2006-10-06T11:51:35
First use.perl.org lesson - you can't edit your comments. More injection attacks, this time via foo => param(
Re:Googling for bugs (Perl CGI injection attacks)
jdavidb on 2006-10-06T13:09:12
Um, yeah. We don't want you to be able to go back and change history and prevent us from seeing what you said. Makes you take more responsibility for it, among other benefits.
:) Re:Googling for bugs (Perl CGI injection attacks)
DAxelrod on 2006-10-06T13:50:28
Um, yeah. We don't want you to be able to go back and change history and prevent us from seeing what you said.Out of curiosity, why, then, can we edit our Journal entries?
Re:Googling for bugs (Perl CGI injection attacks)
jdavidb on 2006-10-06T14:19:41
I've always wondered that myself.
Also:
Priviledge? Privilidge! Privaledge? Privladge!!!!
«SYSADMINS: YOU CANNOT ASSIGN "PERSIMMONS" TO A DIRECTORY - THOSE ARE FRUITS»
- Tristan Farnon
