On Wed, Jun 26, 2002, Orna Agmon wrote about "Re: [Haifux] Re: [sct-hackers] Re: 
Syscalltrack Site":
> On Wed, 26 Jun 2002, Shlomi Fish wrote:
> "?" is not a part of the path name. It is the way for the browser to pass
> variables to the script, using the "post" method. Look at the url formed

Actually, that is the GET method, not POST.

Orna, in light of the /etc/passwd trick, I think you should redesign the
script... And if you can't get some expert to look at it for security
flaws, I suggest (with no disrespect intended) that you practice on a
non-connected machine, and in the meantime just have static pages (i.e.
files)...

-- 
Nadav Har'El                        |   Wednesday, Jun 26 2002, 17 Tammuz 5762
[EMAIL PROTECTED]             |-----------------------------------------
Phone: +972-53-245868, ICQ 13349191 |A city is a large community where people
http://nadav.harel.org.il           |are lonesome together.

--------------------------------------------------------------------------
Haifa Linux Club Mailing List (http://linuxclub.il.eu.org)
To unsub send an empty message to [EMAIL PROTECTED]