In article <[log in to unmask]>, [log in to unmask] says...
>
>At the minimum, the user logon for your httpd job should have minimal file
>access.
Guys,
IMHO, *no* Common Gateway Interface should be implemented via a script.
if security is an issue, use *only* compiled programs, as you have
much more control over *what can happen*.
just my $.02
jerry
>
>Jeff Kell ([log in to unmask]) wrote:
>: Hopefully one of our more Posix or Un*x oriented readers can answer this
>: question...
>
>: Just how "dangerous" are cgi-bin scripts?
[rest snipped]
--
Former Hughes Aircraft employee, NOW \\|// an Outsourcee 4 CSC
+-----------------------+My opinions |O-O| are JUST THAT !!!
| Jerry Bostick +----------oOO-(_)-OOo-----------------+
| Computer Systems Engineer Specialist, Senior |
| Computer Sciences Corp. work tel.: 714 441-6975 |
| PO Box 3310 work fax.: 714 732-2070 |
| Fullerton, Ca. 92635 work-e-mail: [log in to unmask] |
| USA home-e-mail: [log in to unmask] |
| *HOME PAGE*: http://www.earthlink.net/~jbostick |
+--------------------------------------------------------------+