A CGI security hole on Windows?

[Shigio YAMAGUCHI]

Hello specialists of Windows,

Doesn't the following code have a security hole on WIndows?

[global.cgi]

if ($^O eq 'MSWin32') {

        open(PIPE, "/usr/local/bin/global" . " --result=ctags-xid $flags $pattern |");

} ...

[completion.cgi]

if ($^O eq 'MSWin32') {

        open(PIPE, "/usr/local/bin/global" . " -${flags}e $q |");

} ...

Though GNU GLOBAL does not support Windows, we need to get rid of dangerous code.

Thank you in advance.

Regards,

Shigio

--

Shigio YAMAGUCHI <address@hidden>

PGP fingerprint: D1CB 0B89 B346 4AB6 5663  C4B6 3CA5 BBB3 57BE DDA3