Date: Tue, 9 Jan 2001 01:56:01 +0100
From: Marco d'Itri <md@Linux.IT>
To: gopher@complete.org
Subject: [gopher] Re: Gopher <-> NNTP?
Message-ID: <20010109015601.A21617@wonderland.linux.it>
References: <200101081950.LAA12102@stockholm.ptloma.edu>
 <87puhxizmp.fsf@complete.org>
Mime-Version: 1.0
Content-type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.12i
In-Reply-To: <87puhxizmp.fsf@complete.org>;
 from jgoerzen@complete.org on Mon, Jan 08, 2001 at 02:59:26PM -0500
Content-Transfer-Encoding: 8bit
Sender: gopher-bounce@complete.org
Errors-to: gopher-bounce@complete.org
Precedence: bulk
Reply-to: gopher@complete.org


On Jan 08, John Goerzen <jgoerzen@complete.org> wrote:

 >gopher://gopher.quux.org:70/11/Archives/mirrors/boombox.micro.umn.edu/pub/gopher/Unix/gopher-gateways/gonnrp

This program blows dead goats wrt efficiency and is the most ugly perl
code I've ever seen in my whole life (look like the author did not grasp
some perl features, the s/// operator among them), but atfer my
treatment:

-rwxr-xr-x    1 md       users        7598 Jan  9 01:46 gonnrp.pl*
-rwxr-xr-x    1 md       users       19042 Jan  8 21:07 gonnrp.pl.old*

I have got a working (even if not efficient) gateway which even works
with -wT and "use strict".
I also fixed the most egregious bugs.

I'm not going to install it now because I think it needs a security
audit (the concept of input validation was obviously unknown to the
author), but I will mail it on request.

It also needs the perl interpreter inside the chroot jail, doesn't that
mean any remote use can execute it?

-- 
ciao,
Marco