I've just been informned by my ISP that Matt Wright's formMail will no
longer be allowed on any of their servers due to glaring security concerns.
I know now I shouldn't have used it but back then I was stupid and not a
subscriber to this fine list. Let this serve as a warning to those still
Hi,
Not Matt's Scripts
http://nms-cgi.sourceforge.net/scripts.shtml
-lisa
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Camilo Gonzalez wrote:
I've just been informned by my ISP that Matt Wright's formMail will no
longer be allowed on any of their servers due to glaring security concerns.
I know now I shouldn't have used it but back then I was stupid and not a
subscriber to this fine list. Let this serve as a
try the rewrite from NMS:
http://nms-cgi.sourceforge.net/
Cheers,
Kevin
On Mon, May 13, 2002 at 10:07:54AM -0500, Camilo Gonzalez
([EMAIL PROTECTED]) said something similar to:
I've just been informned by my ISP that Matt Wright's formMail will no
longer be allowed on any of their servers
Thank you all for this link.
-Original Message-
From: Kevin Meltzer [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 13, 2002 10:53 AM
To: Camilo Gonzalez
Cc: [EMAIL PROTECTED]
Subject: Re: Matt Wright's formMail
try the rewrite from NMS:
http://nms-cgi.sourceforge.net/
Cheers,
Kevin
On
Hi !
Right now I'm using a cgi-script to create a few html pages.
Somewhere I read the I also can create framesets plus the dependent
html pages via a CGI script.
Where can I find a manual on how to do that? Or can anybody tell me?
Thanks for your help.
Sven
--
To unsubscribe, e-mail:
On Monday, May 13, 2002, at 08:52 , Kevin Meltzer wrote:
try the rewrite from NMS:
http://nms-cgi.sourceforge.net/
Cheers,
Kevin
which version of the code is the 'problem' version?
what is the current specific 'security' issue?
there was a security update to v1.92 on 04/21/02
has
The problems seem to be that it uses the Referer environmental variable to
exclude spammers and it gives the option of encoding data in the URL. I've
been told both are considered security risks. My ISP does not think even the
latest release addresses these issues and refuses to let Formmail on
On Mon, May 13, 2002 at 09:14:03AM -0700, drieux ([EMAIL PROTECTED]) said something
similar to:
which version of the code is the 'problem' version?
what is the current specific 'security' issue?
there was a security update to v1.92 on 04/21/02
has there been some new issue arise??? since
On Monday, May 13, 2002, at 09:21 , Camilo Gonzalez wrote:
[..]
The problems seem to be that it uses the Referer environmental variable to
exclude spammers and it gives the option of encoding data in the URL. I've
been told both are considered security risks. My ISP does not think even
the
drieux wrote:
or am I missing something here???
i think what you're missing is there's no point in trying to justify
running any version of any of matt's code - use the drop in replacements
at sourceforge or take the (quite unnecessary) risk. it's as simple as
that.
--
To
Hello,
I have one updated a script to use the following '-f' flag as a way of
preventing SPAM relaying, and it is working fine,
open(MAIL,|$mailprog -t -f . $recipient);
How ever in the following script
release_risk_html;
never gets returned!
# with
# open(MAIL,|$mailprog -t);
# it
On 5/13/02 10:49 AM, fliptop [EMAIL PROTECTED] wrote:
i think what you're missing is there's no point in trying to justify
running any version of any of matt's code - use the drop in replacements
at sourceforge or take the (quite unnecessary) risk. it's as simple as
that.
Ok, I have a
I must confess I'm not intimately familiar with the
script in question, so I don't completely understand
what the code snippet that drieux included does,
therefore how it is or is not sufficiently secure.
However, I have some more general comments in the way
of clarification.
It seems to me that
After a quick perusal it seems the replacement form's greatest contribution
seems to be to limit the number of recipients that may be emailed at any one
time. There seem to a number of other improvements and it looks like the
code is updated more to what is recommended here. I do understand the
Michael Kelly wrote:
Ok, I have a question now: What, exactly, started the vendetta that the
entire Perl community seems to have against Matt's Script Archives? Is it
the constant security concerns, or is there something else?
there is no vendetta that i know of.
the nms project at
Ack.. I used to have a nice long, detailed reason why (I think I may
have sent it to someone on this list at some point who asked me the
same question).
To sum up.. Matts code is bad. It has various security holes, is not
maintained, and is in Perl 4. The 'vendetta' has come from years of him
If you mean can a CGI script output both the frameset
and all of its pages simultaneously, I don't see how.
What you can do is have each frame call a CGI script
for its content, and have another to generate the
frameset. Each script then outputs its own HTML as
normal.
If this doesn't address
Just to throw jet fuel on the fire... cuz they come up on a google
search for:
cgi perl counter
and nms doesn't! :)
Seriously, I do use them (ok, did until now) because they're handy,
don't spew errors and I can understand the code. Now that I know they
have problems, probably not anymore...
Sorry,here are the details:
I'm using one CGI script to generate several search pages (search for
people etc) within a secured area.
I would like to put the navigation sub into one frame, the retrieved
data (sub search1,2...)in another frame.
But I do not want to use an extra script for this.
Heya,
On Mon, May 13, 2002 at 04:42:55PM -0700, Bruce Ferrell ([EMAIL PROTECTED]) said
something similar to:
Just to throw jet fuel on the fire... cuz they come up on a google
search for:
cgi perl counter
and nms doesn't! :)
And that is one of the problems some in the community have
21 matches
Mail list logo
