Re: Limiting User Commands

To: debian-isp@lists.debian.org, debian-user@lists.debian.org
Subject: Re: Limiting User Commands
From: John Hasler <jhasler@debian.org>
Date: Sun, 07 Nov 2004 10:10:31 -0600
Message-id: <[🔎] 871xf5tzbc.fsf@toncho.dhh.gt.org>
In-reply-to: <[🔎] 20041107141416.GA11837@steve.org.uk> (Steve Kemp's message of "Sun, 7 Nov 2004 14:14:16 +0000")
References: <[🔎] 3f9fee5104110509315629b895@mail.gmail.com> <[🔎] 20041105231328.GB16508@aokiconsulting.com> <[🔎] 3f9fee510411051535a4ad332@mail.gmail.com> <[🔎] 20041107141416.GA11837@steve.org.uk>

Steve Kemp writes:
> If you give people the ability to upload CGI scripts, like the perl
> example you mention, you've already lost - a malicious user could compile
> some C code statically and exectute that remotely.

No need for C.  Perl suffices.
-- 
John Hasler

Reply to:

Follow-Ups:
- Re: Limiting User Commands
  - From: Stephen Le <zeroion@gmail.com>

References:
- Limiting User Commands
  - From: Stephen Le <zeroion@gmail.com>
- Re: Limiting User Commands
  - From: Osamu Aoki <osamu@debian.org>
- Re: Limiting User Commands
  - From: Stephen Le <zeroion@gmail.com>
- Re: Limiting User Commands
  - From: Steve Kemp <skx@debian.org>

Prev by Date: Re: Enhancing video
Next by Date: Re: 'rpm --freshen': dpkg Equivalent?
Previous by thread: Re: Limiting User Commands
Next by thread: Re: Limiting User Commands
Index(es):
- Date
- Thread