Subject: Re: [htdig3-dev] Fwd: ConfigDig alpha release: ht://Dig Admin Tool
Date: Wed Feb 09 2000 - 00:27:28 PST
> I'm hoping to add a "shell" type interface to it as well, for
> the people who don't want to take the trouble of setting up a web site for it.
> Beside, the CGI interface is a security risk in the first place. The httpd
> userid needs write access to a lot of uncomfortable places, not the least of
> which is htdig.conf!
Although I do not have pointers handy I'm sure there are a few perl modules
dealing with general protection for CGI. I think to remember one of them
transparently implement 'tcpwrapper like' protection scheme. I'd start to
look at the mod_perl home page and in CPAN. This would allow you to forget
security issues. As long as one can restrict usage to a specific set of
IP adresses or protect with password, that's ok.
-- Loic Dachary
24 av Secretan 75019 Paris Tel: 33 1 42 45 09 16 e-mail: email@example.com URL: http://www.senga.org/
------------------------------------ To unsubscribe from the htdig3-dev mailing list, send a message to firstname.lastname@example.org You will receive a message to confirm this.
This archive was generated by hypermail 2b28 : Wed Feb 09 2000 - 04:59:24 PST