Solved

Client-side Executable from Server-side script

Posted on 1997-06-25
3
205 Views
Last Modified: 2013-12-25
I'm using Perl 5 on IIS 2.0 w/ NT 4.0 and am having trouble
getting my server-side CGI script to launch an executable
on the client system, that resides on the client system.
Can perl/cgi handle this ?  Is it a job for Java ?
0
Comment
Question by:ericzim
  • 2
3 Comments
 
LVL 2

Accepted Solution

by:
mkornell earned 100 total points
ID: 1828570
This isn't an issue about Perl, CGI, but about security.

In general, having the server being able to start an executable on the client side is a huge security no-no.  Imagine if you went to my server, and clicked on a link which sent a file, any file, to your machine, then executed it.  I could destroy your hard drive before you could say "I love the Web!"

Netscape made big news last week when a bug was discovered in their browser which allowed something like this to happen.

Java is generally considered the answer if you must have the client end do some sophisticated processing.  (JavaScript or VBScript could also be considered for less sophisticated client-side tasks).  However, Java applets are limited in what kind of access they have to the client's hardware -- a Java applet cannot read from or write to the client's hard drive, for example.

HTH,--mark;
0
 

Author Comment

by:ericzim
ID: 1828571
Thanks for the quick reply, Mark.
Yes, I could see the security risk you presented, but the
solution I'm looking for will be implemented on a tightly
controlled Intranet scenario, where mutiny by the server
should be a fairly low probability.

On the technical side, would the Applet HTML tag potentially
do the trick ??
0
 
LVL 2

Expert Comment

by:mkornell
ID: 1828572
There's no way to bypass the built-in security precautions.

You could write a Java applet, and load that, if you can live with the limitations imposed on Java applets.

Other possibilities are to write ActiveX controls (if you're using IE) or Netscape-style plug-ins.  These do allow you to do anything you like on the client machine.

--mark;
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Browsers only know CSS so your awesome SASS code needs to be translated into normal CSS. Here I'll try to explain what you should aim for in order to take full advantage of SASS.
In this article you will learn how to create a free basic website on Bitbucket, a git service provider. Polymer creates dynamic HTML components, which allow more flexibility than static HTML. This tutorial uses Ubuntu Linux but can also be done on W…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question