Solved

Client-side Executable from Server-side script

Posted on 1997-06-25
3
201 Views
Last Modified: 2013-12-25
I'm using Perl 5 on IIS 2.0 w/ NT 4.0 and am having trouble
getting my server-side CGI script to launch an executable
on the client system, that resides on the client system.
Can perl/cgi handle this ?  Is it a job for Java ?
0
Comment
Question by:ericzim
  • 2
3 Comments
 
LVL 2

Accepted Solution

by:
mkornell earned 100 total points
ID: 1828570
This isn't an issue about Perl, CGI, but about security.

In general, having the server being able to start an executable on the client side is a huge security no-no.  Imagine if you went to my server, and clicked on a link which sent a file, any file, to your machine, then executed it.  I could destroy your hard drive before you could say "I love the Web!"

Netscape made big news last week when a bug was discovered in their browser which allowed something like this to happen.

Java is generally considered the answer if you must have the client end do some sophisticated processing.  (JavaScript or VBScript could also be considered for less sophisticated client-side tasks).  However, Java applets are limited in what kind of access they have to the client's hardware -- a Java applet cannot read from or write to the client's hard drive, for example.

HTH,--mark;
0
 

Author Comment

by:ericzim
ID: 1828571
Thanks for the quick reply, Mark.
Yes, I could see the security risk you presented, but the
solution I'm looking for will be implemented on a tightly
controlled Intranet scenario, where mutiny by the server
should be a fairly low probability.

On the technical side, would the Applet HTML tag potentially
do the trick ??
0
 
LVL 2

Expert Comment

by:mkornell
ID: 1828572
There's no way to bypass the built-in security precautions.

You could write a Java applet, and load that, if you can live with the limitations imposed on Java applets.

Other possibilities are to write ActiveX controls (if you're using IE) or Netscape-style plug-ins.  These do allow you to do anything you like on the client machine.

--mark;
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Shoutout to Emily Plummer (http://www.experts-exchange.com/members/eplummer26.html) for giving me this article! She did most of it, I just finished it up and posted it for her :)    Introduction In a previous article (http://www.experts-exchang…
Browsers only know CSS so your awesome SASS code needs to be translated into normal CSS. Here I'll try to explain what you should aim for in order to take full advantage of SASS.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now