Re: cgi-bin security

To: thomas.r.shemanske@dartmouth.edu
Cc: debian-user@lists.debian.org
Subject: Re: cgi-bin security
From: Olaf Meeuwissen <olaf@epkowa.co.jp>
Date: 27 Oct 2000 12:06:31 +0900
Message-id: <87y9zbj83s.fsf@frodo.epkowa.co.jp>
In-reply-to: "Thomas R. Shemanske"'s message of "Sun, 22 Oct 2000 09:06:48 -0400"
References: <20001022083223.2459.qmail@murphy.debian.org> <39F2E668.CA1C420D@hecke.dartmouth.edu>

"Thomas R. Shemanske" <trs@hecke.dartmouth.edu> writes:

> I administer a couple of linux machines (potato based), and have a user
> which want to run cgi-bin scripts, and I would like to know if there are
> security concerns.

Yes there are.  Have a look at cgiwrap, it should take care of many if
not most.  Here's the blurp from potato.

  Package: cgiwrap
  Version: 3.6.4-2
  Priority: optional
  Section: web
  Maintainer: Jim Lynch <jwl@debian.org>
  Depends: libc6 (>= 2.1.2)
  Architecture: i386
  Filename: dists/stable/main/binary-i386/web/cgiwrap_3.6.4-2.deb
  Size: 50768
  MD5sum: d36efb10f8fcefa9071b1bfa7460e01f
  Description: allows ordinary users to run their own CGI scripts
   a gateway that allows more secure user access to CGI programs on
   an HTTPd server than is provided  by the http server itself. The
   primary function  of  CGIwrap is to make  certain   that any CGI
   script runs  with the permissions of  the user who installed it,
   and not those of the server.
  installed-size: 140

-- 
Olaf Meeuwissen       Epson Kowa Corporation, Research and Development

Reply to:

References:
- cgi-bin security
  - From: "Thomas R. Shemanske" <trs@hecke.dartmouth.edu>

Prev by Date: what will fail if I upgrade to "unstable"?
Next by Date: Re: a question
Previous by thread: Re: cgi-bin security
Next by thread: Installing tar files
Index(es):
- Date
- Thread