Heya, On Mon, May 13, 2002 at 04:42:55PM -0700, Bruce Ferrell ([EMAIL PROTECTED]) said something similar to: > Just to throw jet fuel on the fire... cuz they come up on a google > search for: > > cgi perl counter > > and nms doesn't! :)
And that is one of the problems some in the community have had with Matt :) People put that type of search in, see those scripts, and use them. He has been asked to remove his scripts and point to other, similar, scripts which have been "OK'd" by the community at large. But, he hasn't. I have emailed him no less than half a dozen times myself, all ignored. But, luckily y'all have this list to enlighten you :) > Just for the record, when I started using MSA, over 4 years ago nms > didn't exist and I used them for the reasons listed above. I was a > sysadmin, am a sysadmin and my job isn't to audit every stick of code in > the world... It's to run systems as securly as possible. Until I hear > something about a serious deficit in a chunk of code, I use it. I'm well aware of how sysadmins just use code they find :) Part of my living is made from fixing/re-writing such code. I think this is a greater problem with many IT people.. blindly using code which they don't understand. When you have the source, and you don't understand it, people should use lists, newsgroups and peers to have someone review it to see if it is really acceptable production code. But, hey.. I live in a fantasy world where production code is reviewed, tested, portable, and uses common practices :) Cheers, Kevin (from Kevtopia) > Kevin Meltzer wrote: > > > > On Mon, May 13, 2002 at 09:14:03AM -0700, drieux ([EMAIL PROTECTED]) said >something similar to: > > > which version of the code is the 'problem' version? > > > > > > what is the current specific 'security' issue? > > > > > > there was a security update to v1.92 on 04/21/02 > > > has there been some new issue arise??? since then? > > > > Does it matter? They are scripts by Matt.. recurring security issues, > > and (unless he has done some MAJOR reworking) they are written in Perl > > 4. Why would anyone want to run these in production? > > > Cheers, > > Kevin -- [Writing CGI Applications with Perl - http://perlcgi-book.com] "BASIC is the Computer Science equivalent of `Scientific Creationism'." -- BSD fortune file -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
