Solved

CGI SECUIRTY

Posted on 2003-12-02
1
189 Views
Last Modified: 2013-12-25
Hi Yall
Ive got a cgi "e-greeting card" located here.

http://www.21stcenturyspace.co.uk/card.html

i havent modfied it at all although there is a directory that contains the card gifs on the server thats CHMOD'd 777

the html card is also written to this directory for the recipient to view.

Does anyone know if there are any security issues related to this directory.


Cheers

MM
0
Comment
Question by:metalmickey
1 Comment
 
LVL 6

Accepted Solution

by:
aolXFT earned 125 total points
ID: 9860663
If it is on a shared server it can be a security risk to have it there.

It would be safer to put it outside the web-server-tree.

If you are using apache, you can mod the config to not allow any access to that directory, by the webserver. (Your CGI scripts will still be able to read and write to that dir)

The biggest problem would be people putting code into that directory, leading to execution of aribitory code.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
how to change the file name and add alert 16 58
Help in WHSCRIPT 9 47
home folder path for users 4 58
Need some help in Batch file assigning variable value ? 4 66
In this tutorial I will aim to show you how simple is making a small application in WhizBase, how to add, remove and update data in the DB. I will make a small address book application where you can add, browse, update and remove addresses. I wi…
Introduction:   Welcome to my first article ever. To begin with, the reason I write this article.  I participated in a question on Experts Exchange about the start command in Windows and there were some discussion about the usage. The discussio…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now