Next: NCSA server side Up: Testing dynamic documents Previous: Testing with the


Security aspects

CGI scripts offer tremendous power, but with power comes responsibility. Scripts may open up security loopholes that cannot be foreseen by server writers and administrators, because the script, not the server, decides what is done with the data a client supplies. An awareness of security is crucial when writing CGI programs to avoid allowing abuse by malicious users.

CGI scripts should be paranoid about validating the data they receive, especially when that data is to be passed to a general-purpose interpreter, such as a shell or Perl, for evaluation as a command, or used as a file pathname. Shell meta-characters may be included in the data sent and can have unwanted and nasty side-effects when that data reaches a shell. This is discussed in an online document from the NCSA.

There is a special version of Perl, called taintperl, that can be used to write more secure scripts. It marks data from command-line arguments, environment variables and any input as tainted and regards it as insecure. Assignment of a tainted value to a variable marks that variable as tainted too. Using a tainted value in an operation that invokes a shell or that would modify files, directories or processes is forbidden and causes an error. This feature is discussed in the manual page for Perl and in Programming Perl by Larry Wall and Randal L. Schwartz [17].
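As an added illustration of the two points above (validating client data before it becomes a pathname, and letting Perl's taint checking enforce that), here is a small CGI script written for this page rather than taken from the book. It assumes Perl 5's -T switch, which is the successor to the separate taintperl binary, and an assumed document directory /var/www/docs.

```perl
#!/usr/bin/perl -T
# Added example, not from the book. Taint mode (-T) marks %ENV, @ARGV and all
# input as tainted, exactly as the text describes for taintperl.
use strict;
use warnings;

# Taint mode refuses to start a subprocess while PATH is tainted, so set it
# explicitly and drop the other variables a shell would honour.
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

my $docroot = '/var/www/docs';    # assumed location of the files served

# QUERY_STRING comes from the client and is therefore tainted. Assume the
# form sends "file=<name>" and the script is meant to display that file.
my $query = defined $ENV{QUERY_STRING} ? $ENV{QUERY_STRING} : '';
my ($raw) = $query =~ /^file=([^&]*)\z/;
$raw = '' unless defined $raw;

# Only a regular-expression capture untaints a value. Accept a single path
# component of word characters, dots and hyphens that does not start with
# a dot: no "/", no "..", no shell meta-characters can get through.
my ($file) = $raw =~ /^([A-Za-z0-9_][\w.-]*)\z/;

print "Content-type: text/plain\r\n\r\n";

if (!defined $file) {
    print "Bad file name\n";
    exit 0;
}

# $file is untainted, so open() is permitted. Using $raw here instead would
# abort with "Insecure dependency in open while running with -T switch".
open my $fh, '<', "$docroot/$file"
    or do { print "Cannot open $file\n"; exit 0 };
print $_ while <$fh>;
close $fh;
```

Running the script without -T would silently accept a name such as "../../etc/passwd"; with -T the only way to use the client's value is through a validating pattern such as the one above.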



[ITCP]Spinning the Web by Andrew Ford
© 1995 International Thomson Publishing
© 2002 Andrew Ford and Ford & Mason Ltd
Note: this HTML document was generated in December 1994 directly from the LaTeX source files using LaTeX2HTML. It was formatted into our standard page layout using the Template Toolkit. The document is mainly of historical interest as obviously many of the sites mentioned have long since disappeared.

 
Copyright © 1996-2002 Ford & Mason Ltd