I'd like to set up formmail and guestbook scripts on my personal Debian Linux server. But I've learned that CGI scripts can make a server more vulnerable to being hacked. How do I set these scripts, or any others I may want, up securely? Are certain scripts more secure than others, and if so, which ones are least vulnerable?

Thanks in advance for your replies.

basically, you need to validate the hell out of all input strings before you use them.
people will try to break programs with buffer overflow exploits, and inject code into scripts.

for example, if you wrote a cgi script to get the number of days in a user specified month, an attacker might enter the month string as "6 ; rm -fr /"

then the cgi script would run the command

"days_in_month 6 ; rm -fr /"

which would run the programs "days_of_month_6" then delete every file on the hard disk which is writable.

so validate validate and validate !

I don't really have the skill to write such scripts myself-I'd rather download and install an already written script, and configure it to run securely. Any suggestions on what scripts to look for and how to run them securely?

run them securly by making sure the prmissions and access rights are set correctly.
also look into chroot jailing.

but the first defence is a secure script...
its going to be impossible to make an unsecure script run securely.

a secure script is the first line of defence.

as for where to get them.. i dont know.

but wherever possible use CGI scripts from trusted places, not just random partds of example code people post on forums.