[olug] Secure web form mailer

Jay Hannah jay at jays.net
Thu Jun 19 13:18:15 UTC 2003


jregier at cox.net wrote:
> Does anybody use a web form to email cgi that's not full of security holes?  It seems like every time I look at one I find out that there is some sort of security problem. Some are derived from formmail and it's not clear weather the holes have been fixed or not.  I keep running into applications for a simple form but don't know what to trust anymore. I could roll my own then I have to trust myself too.

- Do you consider stopping abuse of the system a requisite of a "secure"
system? 
- What functionalities do you want in the CGI form?
- What mailer are you wanting to hand off to? sendmail? What
functionalities of the mailer are you wanting to use? The security risk
on your mailer will depend on the complexity of what you want to ask it
to do for you.

$0.02,

Jay Hannah
Omaha Perl Mongers: http://omaha.pm.org


More information about the OLUG mailing list