[FRPythoneers] Python CGI & Security

Matt Gushee mgushee at havenrock.com
Tue Jul 9 20:47:48 MDT 2002


Hi, folks--

I've developed a simple web site for a group I'm involved with. It's
mostly static, but needs a formmail-type CGI script. I downloaded the
simplest one I found on the Web, which was Lars Marius Garshol's
'formmail.py', but I ended up mostly rewriting it to remove some
unneeded functionality (like binary file upload) and add some validation
functions.

Anyway, it's been several years since I've done anything with CGI, and
actually have never used Python for CGI at all. So I'm just wondering if
there are any security issues I should know about related to the
particular Python libraries I'm using. Here's what my script imports:

    cgi, StringIO, string, smtplib, sys, re, MimeWriter

Thanks for your tips!
-- 
Matt Gushee
Englewood, Colorado, USA
mgushee at havenrock.com
http://www.havenrock.com/



More information about the FRPythoneers mailing list