Reply to post: Re: I may be being stupid here

Bash bug: Shellshocked yet? You will be ... when this goes WORM

Nuno trancoso

Re: I may be being stupid here

Not so much but then again yes.

The problem is not that you know you have to sanitize input so much as having to know WHAT to sanitize it against. Or to make it more clear, to avoid passing inputx, you first have to know inputx was bad news. And unless you can convince me that you are aggressively (re)parsing and conforming your input, which i doubt anyone is, guess what, you're doing the basic checks just like everyone else, and this will go though.

Can't resist the temptation to bash the zealots (pardon the pun). So, again, there goes the many eyes theory down the drain... The reverse on the contrary is quite true. Once you get many "bad eyes" looking at you, the nasty water starts popping out of the sewer lid.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019