>> Hmm. You want to have people run a web browser as root and run cgi >> scripts with root privilage. Please don't make this a default. I >> can't think of any way to make this secure. It would be better
I think they said that lynx can run CGI's without a webserver... *if* that is true then there is no (additional) security risk. Just put all the CGI's into the /var/admin directory and only allow root to read/execute stuff from it. >It might be useful to use a specialized web server that is not >very configurable, but has an extra emphasis on security. This >could run on a non-standard port from /etc/inetd.conf, so it >wouldn't conflict with a web server on the same system which >was intended for normal uses. If it was run from inetd then it could also be configured to deny non-local connections in host.deny by default. >I like the idea. :-) Hmmm, me too. Adam. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
