[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] Re: CGI Wrap Errors

Subject: Re: [cobalt-developers] Re: CGI Wrap Errors
From: corliss@xxxxxxxxxxxxxxx
Date: Tue May 23 16:15:03 2000

On Tue, 23 May 2000 Thescripter@xxxxxxx wrote:

> I have had NO problems with security or anything for that matter :)

No offense, but you're hardly secure.  It's ludicrous to think that every
possible hole has already been covered, and you're more at risk now than you
were with CGI wrappers.  All CGI will now be executed with the server's
permissions instead of the user's, and while you might think that's not an
issue, it is.  The server, by necessity, has much wider access to the entire
file system than a user would, making it more possible that someone might be
able to snarf data from another user's space.

On top of that, you've also opened yourself to possible DoS attacks, since
resource limits which were in place with CGI wrappers (assuming they installed
them intelligently) are no longer active.

In short, all you've done is make it easier to execute CGI, but in doing so
you've put your box that much more at risk.  No one ever said being a real 
administrator was easy. . .

	--Arthur Corliss
	  Programmer/Administrator
	  Gallant Technologies (http://www.gallanttech.com/)

References:
- Re: [cobalt-developers] Re: CGI Wrap Errors
  - From: Thescripter

Prev by Date: Re: [cobalt-developers] Re: CGI Wrap Errors
Next by Date: Re: [cobalt-developers] Re: CGI Wrap Errors
Previous by thread: Re: [cobalt-developers] Re: CGI Wrap Errors
Next by thread: Re: [cobalt-developers] Re: CGI Wrap Errors

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index