[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

[MacPerl] Re: CGI-BIN Security Risk



On 7/17/97 Strider wrote:

>And no- CGI's don't have to go into that folder unless you select the menu
>option 'restrict CGIs to CGI-BIN'. Otherwise, they can be accessed in any
>folder.

If you have any upload capabilities (WebStar, FTP, etc.) turned on you
should STRONGLY consider "restricting CGIs to CGI-BIN." Otherwise anyone
with privileges can upload a MacPerl CGI (or any application ending in .cgi
for that matter) and run it on your machine. You have to disallow uploading
to CGI-BIN of course.

RR

__________________________________________________________________________
  Richard Rathe, MD                       mailto:rrathe@dean.med.ufl.edu
  University of Florida                  http://www.med.ufl.edu/medinfo/  



***** Want to unsubscribe from this list?
***** Send mail with body "unsubscribe" to mac-perl-request@iis.ee.ethz.ch