Amateur looking for advice on web security/CGI folder....

Tim Selander selander at tkf.att.ne.jp
Thu Aug 13 19:29:55 EDT 2015


Hi all,

I work at a small broadcast production company, and since HC days have 
made in-house programs that have helped us in a variety of ways. Now 
using a bit of LC v7 with its unicode support.

Would like to have data available to staff who are on the road. A few 
months ago, asking about sql stuff, Richard Gaskin suggested just using 
text files for data. In my testing, this has worked great. Loading up 
sample data sets that are far larger than anything we really need, 
performance has been fine. Don't need a database.

So I avoid all the SQL security discussion all you pros have been having 
(along with version control, github and a whole bunch of other stuff 
that makes me realize I'm a real amateur and that we're not in HC's 
Kansas, anymore....)

My remaining question is on keeping text data secure on our web server 
(on-rev). I use LC scripts in the cgi folder. My understanding is that 
the cgi folder is secure from any outside breach. Is that understanding 
correct? So if I store my company's customer data in the cgi folder, it 
is secure?

Thanks,

Tim Selander
Tokyo, Japan




More information about the Use-livecode mailing list