dave.cragg at lacscentre.co.uk
Tue Feb 19 17:38:17 CST 2008
On 19 Feb 2008, at 02:15, Chipp Walters wrote:
> exactly which version of the Rev engine do I install? I suppose
> it's a Linux
> one, and I suppose I put it in the cgi-bin folder.
I may just be nervous by nature, but I never put the engine in the
cgi-bin folder. By my understanding, the http server will try to
execute anything in the cgi-bin folder that has execute permissions
set. My worry is whether the server can be coerced into passing
parameters when it tries to run the engine. (There was a security
problem in the past with the Perl executable on Windows due to this.)
While I'm fairly confident Rev is immune from this, why take the risk?
I stick it somewhere like /usr/bin/revbin, and so the top of my
scripts look like this:
More information about the use-livecode