Hello,
I am playing around now with the fine modutils-package.
I am quite content with progress - but already i am finding myself
using
(read-from-string "user entered data")
and although i am by no means an expert regarding lisp or programming
in general i do realize that this is certainly a bad idea.
So my question goes:
What are youre TOP-5 stupidities
from an security point of view regarding
lisp-programming for the www?
thanks
Norman
·············@student.uni-magdeburg.de (norman werner) wrote in message news:<····························@posting.google.com>...
> Hello,
>
> I am playing around now with the fine modutils-package.
>....
modlisp. there is no reason to call it modutils.
i have to remember this.
Norman
Well, I can emtion one. Not setting read-eval to nil when reading from a
stream.
On 16 Aug 2004 11:55:20 -0700, norman werner
<·············@student.uni-magdeburg.de> wrote:
> Hello,
>
> I am playing around now with the fine modutils-package.
> I am quite content with progress - but already i am finding myself
> using
>
> (read-from-string "user entered data")
>
> and although i am by no means an expert regarding lisp or programming
> in general i do realize that this is certainly a bad idea.
>
>
> So my question goes:
>
> What are youre TOP-5 stupidities
> from an security point of view regarding
> lisp-programming for the www?
>
> thanks
>
> Norman
--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/