[Lxr-dev] Re: [Lxr-commits] CVS: lxr diff,1.10,1.11 find,1.18,1.19 ident,1.17,1.18 search,1.19,1.20

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Dave,

Dave Brondsema wrote:
| Modified Files:
| 	diff find ident search source
| Log Message:
| add -T switch for taint checking in CGI mode

So what happens in mod_perl mode?  There is definitely a problem with
the current httpwash function, but are we sure that the new filtering
doesn't open another security hole, including in mod_perl mode?

We've already had one security hole through bad parameters, I don't want
another :-)

Cheers,

Malcolm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with MultiZilla - http://enigmail.mozdev.org

iD8DBQFA+DvcQeMefPKyX/QRAg+ZAKDPod6qhoUS9wIqXmKEh/4aubBL4QCdFtBZ
F8dunLZPF6oOluxbYOwFa8U=
=RPI4
-----END PGP SIGNATURE-----

[Lxr-dev] Re: [Lxr-commits] CVS: lxr diff,1.10,1.11 find,1.18,1.19 ident,1.17,1.18 search,1.19,1.20

[Lxr-dev] Re: [Lxr-commits] CVS: lxr diff,1.10,1.11 find,1.18,1.19 ident,1.17,1.18 search,1.19,1.20 source,1.40,1.41