Folks let me stress a little point (or a big, depending on how you look at this), I'm in no way try to discourage Geoff for creating yet another cool module. It's just that lately I read too much info about sites being hacked thru bugs in CGI code. Here is a must read, if you didn't read it yet. System Administration, Networking and Security (SANS) Institute published a list of exploits most often used to gain illegal access to network servers. http://www.sans.org/topten.htm Vulnerable CGI programs are on the 2nd place of the topten exploits!!! Vulnerable CGI programs are on the 2nd place of the topten exploits!!! Vulnerable CGI programs are on the 2nd place of the topten exploits!!! No, it's not a typo, I repeated it for you to pay attention. Now you understand why I'm against modules, that in hands of clueless and careless users will turns into trojan horses and alike, causing Perl/mod_perl/Apache projects at separate or all together to be blamed for no reason. It's a known fact that with Perl you can shoot your toes off, but I don't see a reason to replace this gun's trigger with a sensor button. It's a time for a challenge!!! Check the vulnerability of the Apache:: modules, before the bad guys will. Sounds like a really cool idea to learn the CGI security with! It should be very exciting to go to all those hacker sites, learn the known exploit and break in techniques, and than to try to apply them to Apache:: modules. Of course doing that at home, so you won't be put in jail. If you take the challenge and spot vulnerabilities, I personally promise to post your name(s) on the perl.apache.org as a honorable ghostbuster!!! So we've got the name for the project already 'mod_perl ghostbusters' :) Now are there fearless people in our tribe? That's the question... _____________________________________________________________________ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://perl.org http://stason.org/TULARC http://singlesheaven.com http://perlmonth.com http://sourcegarden.org
