CGI Security, reminder to myself
Pierre Sahores
psahores at easynet.fr
Sat Feb 15 01:46:01 EST 2003
Allo Sadhunathan,
>
> Greetings,
>
> A few weeks ago I posted some 'how to' notes on this list for developing
> a web enabled, postgres based application, based on earlier work from
> Pierre. It was a series of mails. I've made it into a presentable
> single html doc so I can eventually post it maybe like Scott did with
> graphical "top" on Linux Journal. Or somewhere. (Actually Scott's
> top is also on metacard.com under white papers and just like he said,
> it runs right out of the box using only the free trial version of MC).
>
> In any case, did anyone notice any gaping security holes in that cgi
> application I posted?
>
> There was one.
>
> Curious?
For sure ! Could you explain us what this security hole was ? For the
how-to ftp update, you know how to do ;-)
>
> This is a reminder to myself to write to y'all about that, and also
> update my how-to faq.
>
> Aloha,
> Sadhu
>
Thanks.
Kind regards, Pierre Sahores
Inspection académique de Seine-Saint-Denis.
Applications et bases de données WEB et VPN
Qualifier et produire l'avantage compétitif
More information about the metacard
mailing list