[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] protecting text files in my cg-bin directory from prying eyes
- Subject: Re: [cobalt-users] protecting text files in my cg-bin directory from prying eyes
- From: "Randy" <rherban@xxxxxxxxxxx>
- Date: Fri Oct 20 12:27:17 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> I have searched the archives and found lots of posts on directory browsing
> and how to disable it. I have a more specific question. I have added
> index.html files to all my directories to keep people from being able to
> get directory listings via there web browsers. However, they can still
> view any non-executable files via their browser if they happen to know or
> guess the file name. For example, I have several log and data files
> written to by my cgi-bin scripts that live in my cgi-bin directory. Some
> of these files contain sensitive information and I do not want people to
be
> able to read the files via their browsers.
>
> What is the easiest way to fix this security hole?
>
> I know very little Linux, so please talk slowly and use small words. ;-)
>
> Thanks,
> Brian
>
Sounds like the easiest way is to have the cgi's write their logs and what
not to a different folder that isn't viewable by the web.
----------------------
Randy
Webmaster - NetOps
Skyenet - 219.247.3405
rherban@xxxxxxxxxxx
webmaster@xxxxxxxxxxx