Re: web documentation
>> Hmm. You want to have people run a web browser as root and run cgi
>> scripts with root privilage. Please don't make this a default. I
>> can't think of any way to make this secure. It would be better
I think they said that lynx can run CGI's without a webserver... *if* that
is true then there is no (additional) security risk. Just put all the
CGI's into the /var/admin directory and only allow root to read/execute
stuff from it.
>It might be useful to use a specialized web server that is not
>very configurable, but has an extra emphasis on security. This
>could run on a non-standard port from /etc/inetd.conf, so it
>wouldn't conflict with a web server on the same system which
>was intended for normal uses.
If it was run from inetd then it could also be configured to deny non-local
connections in host.deny by default.
>I like the idea. :-)
Hmmm, me too.
Adam.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: