[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Cgi scripts allow browsing through virtual sites

Subject: [cobalt-users] Cgi scripts allow browsing through virtual sites
From: "Kees Wakkerman" <wakkerm@xxxxxxxxxxxxxx>
Date: Mon May 7 07:47:35 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

A customer wants to set up a search script that browses through his entire
(virtual) site on our RAQ4 for certain keywords. One of the parameters in
the cgi script is the local server path for his site
(/home/sites/www.xyz.com/web). The script runs without error.
Now we change the server localpath parameter to /home/sites and... the
script is suddenly allowed to browse through all the other virtual sites as
well. Same happens when changing the server localpath parameter to /. How to
prevent cgi scripts to browse every directory on the RAQ4? How to prevent
users to browse out of their virtual site context?

Follow-Ups:
- Re: [cobalt-users] Cgi scripts allow browsing through virtual sites
  - From: Carrie Bartkowiak
- Re: [cobalt-users] Cgi scripts allow browsing through virtual sites
  - From: Keith Davis
- [cobalt-users] Sun-Cobalt Servers
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-users] dip.t-dialin.net IP Range
Next by Date: Re: [cobalt-users] GNU Mailman on RaQ3: no message delivery
Previous by thread: [cobalt-users] Frontpage, with Webalizer on RAQ4i, solution.
Next by thread: Re: [cobalt-users] Cgi scripts allow browsing through virtual sites

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index