Solved

security question

Posted on 1998-02-20
5
149 Views
Last Modified: 2013-12-25
I have ever read an article that someone can execute the shell command from your cgi script if you do not create the cgi script correctly.

How to avoid this? I wrote my cgi script using c++ because I do not understand Perl. Anyone has any security tip for me?

0
Comment
Question by:v5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 84

Expert Comment

by:ozo
ID: 1832027
If you create a script like
 system( getenv("QUERY_STRING") );
then someone can execute shell command from it.
You should be careful to avoid doing things like that.
0
 
LVL 32

Accepted Solution

by:
jhance earned 50 total points
ID: 1832028
Security in CGI-BIN programs is tough to ensure.  Go over your program section by section.  Ask yourself, "have I made any assumptions about what the script will receive from the user?"  Think about what will happen when something unexpected comes back from a user.  Too much data, too little data, numbers instead of strings, strings instead of numbers, control characters, punctuation characters, extra arguments, missing arguments.  In general, write a function to verify each piece of data received by your program before operating on it.  Set defaults in your program for each parameter that will be in effect if the data doesn't come back from the browser.

Also, if for some reason you think that your program must run as root, think about it some more.  Don't do it!  It's just too risky.  Find another way.
0
 

Author Comment

by:v5
ID: 1832029
ozo, I have a question. Here is my unsecure code (the name of the executable file is "test"). Using my browser, I typed
www.blablabla.com/cgi-bin/test?date
and nothing happened. Should it print out the date?

#include <iostream.h>
int main(void) {
 const char* a = system(getenv("QUERY_STRING"));
 cout << "Content-type: text/html\n\n";
 cout << "<html>";
 cout << a;
 cout << "</html>";
 return(0);
}  
0
 
LVL 84

Expert Comment

by:ozo
ID: 1832030
Probably not, since system returns an int, not a char*.
But
 cout << "Content-type: text/html\n\n";
 cout << "<html>" << flush;
 system(getenv("QUERY_STRING"));
 cout << "</html>";
should print the date.
(and www.blablabla.com/cgi-bin/test?rm* may do other nasty things,
whether or not it prints out anything, which is why you don't want to do this)


 
0
 

Author Comment

by:v5
ID: 1832031
Ozo, your answer is great too! I have your grade in my mind. It's BIG A++ !

0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will focus on how to use WhizBase as a tool for sending ICQ messages to ICQ. Here I will use a new technology in WhizBase, published in WhizBase 5.1 version. In this tutorial I will use 3 files, pager.wbsp for the processing, e…
This article will show, step by step, how to integrate R code into a R Sweave document
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question