[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

[MacPerl-WebCGI] Please help. Securing MacPerl...



Hi,
 
I'm helping my school try to secure their MacPerl scripts. 
 
The server is running appleshare IP 6 and the latest macperl binary download from www.macperl.com
 
I find that I can write a script on another macintosh with macperl installed, upload it to the server, and have that script open any file in any directory on the server.  Of course this is a bad thing and we would like to have this avoided.
 
Is there a plausible way to restrict what privilages the scripts that are uploaded have? 
 
It seems that the scripts don't obey folder user/group privalges.  And setting the USER environment variable in the MacPerl application seems to have no effect.
 
Please help, any suggestions would be appreciated.
-Mel