Re: Potential security issue with LedgerSMB (inherited from SL)

["Christopher Murtagh" <..hidden..>]

On 9/11/06, Darrick Hartman <..hidden..> wrote:
> Does removal of the terminal code mean that running one of the scripts
> such as:
>
> perl is.pl
> "action=api_print_invoice&other_options=oo&yet_other_options&yoo" won't
> work in the future with ledgersmb?
>
> I've been doing something similar to initiate backups of sql-ledger for
> a long time.

It could. Can you please provide me of a real example to test this?
Before I tear anything apart, I'll look at what it will mean for what
you need. There might be a simple solution if you have wget installed
(or curl or something similar), or we might decide to come up with a
different approace entirely.

Cheers,

Chris