Matt’s Script Archive: The Scripts That Reshaped The Web

17 points by calvin

tomhukins

I enjoyed reading this. Matt's formmail.pl was one of several Perl tools I used in the mid-nineties before I was skilled enough to write my own.

A decade later, I knew the people who developed the nms replacements described in the article, mostly Dave and Jonathan. Jonathan's talk at YAPC::Europe (the European Perl conference) in 2005 described how some of the nms scripts incorporated RBL lookups to prevent spam from malicious IP addresses, which seemed like a novel approach to handling Web spam at the time, a simple precursor to a Web Application Firewall (WAF).

vbernat

In the late 90s, I had cgi-bin scripts written in (poor) C. I also had some Perl script, like this:

sub RecordVote {
        open (VF,"$BaseDir/$in{'topic'}");
        @lines = <VF>;
        chop @lines;
        close VF;
        # [...]
        # Now write back the data to the file

        open (VF, ">$BaseDir/$in{'topic'}");
        print VF "$Topic\n";

        # [...]
}

You can read/write any file with path traversal. You can execute anything with a trailing |. And if you have two users voting at the same time, one vote will be lost.

Different times...

symgryph

This was pretty cool!

zem

what a delightful post, and what a delightful site! i'm amazed i've not encountered it on reddit/hn/lobsters before.