On Sat, 9 Aug 2003, Eyal Rozenberg wrote:

> I wrote the attached counter, and am using it. I hope I've applied the
> GPL correctly but I'm not that well informed so there may be issues I'm
> unaware of.
Hmm, I hope you're not really using it, since it looks unsafe, in the sense that it takes file paths from the user and then goes opening them. A safe script would instead only take _logical_ counter names from the user, and translate them to a pre-configured file name. This way, the most that a malicious user could do is make the software increase some other counter, but not cause the creation of a new file, for example.

One thing I am not sure I understood: is the 'param' function indeed parsing the parameters from the incoming request? If this is the case, then this means that someone can write something else for the 'digits_file', and then might get the contents of an arbitrary file on the machine (assuming GD is not very particular about the file that it is opening and its internal format).

There might be other similar effects that I did not notice yet...

-- 
guy

"For world domination - press 1, or dial 0, and please hold, for the creator."
-- nob o. dy

--------------------------------------------------------------------------
Haifa Linux Club Mailing List (http://www.haifux.org)
To unsub send an empty message to [EMAIL PROTECTED]
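The fix guy suggests, a request parameter that names a logical counter rather than a file, shown side by side with the pattern he objects to. This is an added example written in Python, not Eyal's attached script (which is not reproduced in the thread); the counter names, file names and the throwaway directories it creates are all constructed here for illustration.

```python
import os
import tempfile

# Constructed for this example: the only counters the script knows about.
# A request may name one of these keys; it never supplies a file path.
COUNTER_FILES = {
    "index": "index.cnt",
    "downloads": "downloads.cnt",
}


def _read_count(path):
    """Current value stored in a counter file, 0 if the file does not exist yet."""
    try:
        with open(path) as f:
            return int(f.read().strip() or 0)
    except FileNotFoundError:
        return 0


def unsafe_increment(path):
    """The pattern criticised in the post: the path comes straight from the
    request, so any location the web server user can write to can be read
    and overwritten, and files can be created where none existed."""
    value = _read_count(path) + 1
    with open(path, "w") as f:
        f.write("%d\n" % value)
    return value


def safe_increment(counter_dir, name):
    """Hardened form: the request supplies a logical name, the script maps it
    to a pre-configured file inside counter_dir. Anything not in the table is
    refused, so at worst an attacker bumps a different configured counter."""
    try:
        filename = COUNTER_FILES[name]
    except KeyError:
        raise ValueError("unknown counter %r" % name)
    path = os.path.join(counter_dir, filename)
    value = _read_count(path) + 1
    with open(path, "w") as f:
        f.write("%d\n" % value)
    return value


def demo():
    """Exercises both variants on throwaway directories and returns a dict
    of observations instead of printing them."""
    counter_dir = tempfile.mkdtemp(prefix="counters-")
    outside_dir = tempfile.mkdtemp(prefix="outside-")
    outside = os.path.join(outside_dir, "created-by-unsafe-counter")

    results = {}

    # Unsafe: a request naming a path outside the counter directory creates it.
    unsafe_increment(outside)
    results["unsafe_created_outside_file"] = os.path.exists(outside)

    # Safe: configured names work and stay confined to counter_dir.
    results["safe_first"] = safe_increment(counter_dir, "index")
    results["safe_second"] = safe_increment(counter_dir, "index")
    results["safe_other"] = safe_increment(counter_dir, "downloads")

    # Safe: a path-looking "name" is not a configured counter and is refused.
    try:
        safe_increment(counter_dir, "../../etc/passwd")
        results["safe_rejects_path"] = False
    except ValueError:
        results["safe_rejects_path"] = True

    results["files_in_counter_dir"] = sorted(os.listdir(counter_dir))
    return results


if __name__ == "__main__":
    print(demo())
```

The same lookup-table approach applies to the 'digits_file' parameter guy mentions: expose a logical style name ("plain", "bold") and resolve it to a shipped image file, so the request can choose among the configured digit sets but never name a file for GD to open.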
