jolehmus
asked on
Linux-server and Discussion group
My Internet operator doesn't have in his webserver the extensions needed to
run Discussion groups (made by FrontPage97 Discussion group wizard). The
server is using Linux.
The operator hesitates in getting these extensions. He says that it might be
possible that the use of Discussion groups in his server could cause harm to
the server. According to him it could cause security problems or poblems in
proper functionig of the server programs (e.g. the server could even go
down).
What do you think or know about these risks. Are they possible risks and if
so how probable do you think they are and in what kind of situations they
are posible?
If there aren't any real risks how could I make my operato sure about this?
run Discussion groups (made by FrontPage97 Discussion group wizard). The
server is using Linux.
The operator hesitates in getting these extensions. He says that it might be
possible that the use of Discussion groups in his server could cause harm to
the server. According to him it could cause security problems or poblems in
proper functionig of the server programs (e.g. the server could even go
down).
What do you think or know about these risks. Are they possible risks and if
so how probable do you think they are and in what kind of situations they
are posible?
If there aren't any real risks how could I make my operato sure about this?
bluepet
they are pulling you leg... they just don't want to provide that service
These frontpage web extensions for Apache (I assume he's running Apache) are something of a mystery. I searched around for them a while for someone else, and found little reference to them, not even an explanation of what they do, although I did find the source code for them via freshmeat (http://freshmeat.net - search for "frontpage"). I sort of applaud him on one hand for making sure he doesn't compromise the security of his network by just plugging in software he's not familar with. I don't know if he's right or wrong as I've never used the package itself. Probably the only way to convince him is to set it up and test it extensively yourself, as he probably does not have the time or the inclination to do so. If you can ensure him that they don't pose a security risk, he'd probably thank you for taking the time to test something which allows him to offer greater functionality.
If he lets you run cgi scripts, there's tons of them (including messaging facilities, e.g. "wwwboard") at Matt's Scripts Archives (http://www.worldwidemart.com/scripts/). These may serve the same purpose you're trying to accomplish via the use of Frontpage server extensions.
If he lets you run cgi scripts, there's tons of them (including messaging facilities, e.g. "wwwboard") at Matt's Scripts Archives (http://www.worldwidemart.com/scripts/). These may serve the same purpose you're trying to accomplish via the use of Frontpage server extensions.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
the fp extensions for linux _are_ a major security bug if installed following the docs, because they install many setuid root cgi scripts.