Home > mailing lists

Re: [GENERAL] cgi with postgres - Mailing list pgsql-general

From	Stephane Bortzmeyer
Subject	Re: [GENERAL] cgi with postgres
Date	January 17, 2000 11:55:58
Msg-id	200001171355.OAA27261@ezili.sis.pasteur.fr Whole thread Raw
In response to	cgi with postgres (Jeff MacDonald <jeff@hub.org>)
Responses	Re: [GENERAL] cgi with postgres (Jeff MacDonald <jeff@hub.org>)
List	pgsql-general

Tree view

On Friday 14 January 2000, at 16 h 55, the keyboard of Jeff MacDonald
<jeff@hub.org> wrote:

>     make cgi dir 711
>     big deal, they can get the name of the file
>     from the web, and copy it.

My CGIs sources a config file, in mode 700, only readable by 'www' (the user
which executes Apache).

I adopted this after a CGI was inadvenrdently made available on the Web, in
source form :-)

If you have CGI authors you do not trust, have two Apache, with different IDs.

>     this is assuming they already have an account
>     on the machine, something that cannot be ruled
>     out.

Unix file protections are enough against local users.

pgsql-general by date:

From: "Moray McConnachie"
Date: 17 January 2000, 09:36:57
Subject: Re: Re[2]: [GENERAL] case-insensitive like operator

From: Robert Davis
Date: 17 January 2000, 13:07:59
Subject: Re: [GENERAL] How do you live without OUTER joins?

Re: [GENERAL] cgi with postgres - Mailing list pgsql-general

Previous

Next