Re: cgi-bin security
"Thomas R. Shemanske" <trs@hecke.dartmouth.edu> writes:
> I administer a couple of linux machines (potato based), and have a user
> which want to run cgi-bin scripts, and I would like to know if there are
> security concerns.
Yes there are. Have a look at cgiwrap, it should take care of many if
not most. Here's the blurp from potato.
Package: cgiwrap
Version: 3.6.4-2
Priority: optional
Section: web
Maintainer: Jim Lynch <jwl@debian.org>
Depends: libc6 (>= 2.1.2)
Architecture: i386
Filename: dists/stable/main/binary-i386/web/cgiwrap_3.6.4-2.deb
Size: 50768
MD5sum: d36efb10f8fcefa9071b1bfa7460e01f
Description: allows ordinary users to run their own CGI scripts
a gateway that allows more secure user access to CGI programs on
an HTTPd server than is provided by the http server itself. The
primary function of CGIwrap is to make certain that any CGI
script runs with the permissions of the user who installed it,
and not those of the server.
installed-size: 140
--
Olaf Meeuwissen Epson Kowa Corporation, Research and Development
Reply to: