[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

[MacPerl] Re: CGI-BIN Security Risk

To: MacPerl Discussion List <mac-perl@iis.ee.ethz.ch>
Subject: [MacPerl] Re: CGI-BIN Security Risk
From: Richard Rathe <rrathe@dean.med.ufl.edu>
Date: Thu, 17 Jul 1997 15:19:33 -0500
In-Reply-To: <v0300780faff40d8d6684@[204.255.183.108]>
References: <l03102802aff39b8a9af8@[193.123.165.57]><000BA674.3176@edc.org>

On 7/17/97 Strider wrote:

>And no- CGI's don't have to go into that folder unless you select the menu
>option 'restrict CGIs to CGI-BIN'. Otherwise, they can be accessed in any
>folder.

If you have any upload capabilities (WebStar, FTP, etc.) turned on you
should STRONGLY consider "restricting CGIs to CGI-BIN." Otherwise anyone
with privileges can upload a MacPerl CGI (or any application ending in .cgi
for that matter) and run it on your machine. You have to disallow uploading
to CGI-BIN of course.

RR

__________________________________________________________________________
  Richard Rathe, MD                       mailto:rrathe@dean.med.ufl.edu
  University of Florida                  http://www.med.ufl.edu/medinfo/  

***** Want to unsubscribe from this list?
***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch

References:
- Re: [MacPerl] MacPerl and WebSTAR
  - From: Bob Wilkinson <bw@pindar.co.uk>
- [MacPerl] MacPerl and WebSTAR
  - From: JAlexander@edc.org (JAlexander)
- Re: [MacPerl] MacPerl and WebSTAR
  - From: Strider <Strider@clarityconnect.com>

Prev by Date: Re: [MacPerl] MacPerl and WebSTAR
Next by Date: Re: [MacPerl] MacPerl and WebSTAR
Prev by thread: Re: [MacPerl] MacPerl and WebSTAR
Next by thread: Re: [MacPerl] MacPerl and WebSTAR
Navigation: Date Index | Thread Index | Search | Other lists at bumppo.net