Apache + CGI
-----BEGIN PGP SIGNED MESSAGE-----
Hi.
I want to enable the users of my webserver to use certain CGI-scripts
(provided by me) by using mod_include.
To do that, one would use the tag <!--#exec cgi="/cgi-bin/script" -->,
but one could also use the <!--"exec cmd="dangerous.command" -->.
That last possiblity is what I want to eliminate. One way would be to
remove /bin/sh, which is out of the question. Any other suggestions?
==============================================================
* Jakob Borg
E-mail: jakob@k2.lund.se
Site: http://k2.lund.se/jakob
Fingerprint: 43 81 BC 4D F6 D3 02 AE 9B 07 61 16 BD 06 0C E0
==============================================================
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: cp850
iQCVAwUBM9XuD7qO9bSbxuVpAQEibwP9Fse4jr8BcFCvUIbKLOiN4JZ5Y6OyxFlL
dQJ+i5a1XG30a10j8lJ2avw1u9bbBhrHjlwGgGFsfBBID+/qwErj1ObEKrUSw1Zh
myu/LU6fvK4uJnvK8aod+I9Z21cz6X5tU6nXzbbzDdDEw4tz9wjD6e0jwvJmOHPq
CZSOXFbMan4=
=g/qT
-----END PGP SIGNATURE-----
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: