Re: [htdig3-dev] Fwd: ConfigDig alpha release: ht://Dig Admin Tool


Subject: Re: [htdig3-dev] Fwd: ConfigDig alpha release: ht://Dig Admin Tool
From: loic@ceic.com
Date: Wed Feb 09 2000 - 00:27:28 PST


>
> I'm hoping to add a "shell" type interface to it as well, for
> the people who don't want to take the trouble of setting up a web site for it.
> Beside, the CGI interface is a security risk in the first place. The httpd
> userid needs write access to a lot of uncomfortable places, not the least of
> which is htdig.conf!
>

 Although I do not have pointers handy I'm sure there are a few perl modules
dealing with general protection for CGI. I think to remember one of them
transparently implement 'tcpwrapper like' protection scheme. I'd start to
look at the mod_perl home page and in CPAN. This would allow you to forget
security issues. As long as one can restrict usage to a specific set of
IP adresses or protect with password, that's ok.

   Cheers,

-- 
		Loic Dachary

24 av Secretan 75019 Paris Tel: 33 1 42 45 09 16 e-mail: loic@dachary.org URL: http://www.senga.org/

------------------------------------ To unsubscribe from the htdig3-dev mailing list, send a message to htdig3-dev-unsubscribe@htdig.org You will receive a message to confirm this.



This archive was generated by hypermail 2b28 : Wed Feb 09 2000 - 04:59:24 PST