setuid root CGI's - how bad it is?

To: debian-user@lists.debian.org
Subject: setuid root CGI's - how bad it is?
From: "Eloy A. Paris" <eparis@ven.ra.rockwell.com>
Date: 18 Sep 1997 04:57:02 GMT
Message-id: <[🔎] 5vqcau$bsm$1@zeus.ven.ra.rockwell.com>

Hi,

(sorry for the off-topic question but I don't know where to ask)

Excuse my ignorance but how bad is it to have a setuid CGI script?
I know there should be big security issues with this but I don't
know what it is.

I have a CGI script that needs to write files in a user's home directory.
How can I do that?

Thanks and my apologies for being off-topic again.

E.-

-- 

Eloy A. Paris
Information Technology Department
Rockwell Automation de Venezuela
Telephone: +58-2-9432311 Fax: +58-2-9431645


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . Trouble? 
e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: setuid root CGI's - how bad it is?
  - From: Jason Costomiris <jcostom@sjis.com>
- Re: setuid root CGI's - how bad it is?
  - From: Ralph Winslow <rjw@nac.net>

Prev by Date: Debian print server
Next by Date: Re: quota bug ?
Previous by thread: Re: How to upgrade libc6?
Next by thread: Re: setuid root CGI's - how bad it is?
Index(es):
- Date
- Thread