-----BEGIN PGP SIGNED MESSAGE----- Hi.
I want to enable the users of my webserver to use certain CGI-scripts (provided by me) by using mod_include. To do that, one would use the tag <!--#exec cgi="/cgi-bin/script" -->, but one could also use the <!--"exec cmd="dangerous.command" -->. That last possiblity is what I want to eliminate. One way would be to remove /bin/sh, which is out of the question. Any other suggestions? ============================================================== * Jakob Borg E-mail: [EMAIL PROTECTED] Site: http://k2.lund.se/jakob Fingerprint: 43 81 BC 4D F6 D3 02 AE 9B 07 61 16 BD 06 0C E0 ============================================================== -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: cp850 iQCVAwUBM9XuD7qO9bSbxuVpAQEibwP9Fse4jr8BcFCvUIbKLOiN4JZ5Y6OyxFlL dQJ+i5a1XG30a10j8lJ2avw1u9bbBhrHjlwGgGFsfBBID+/qwErj1ObEKrUSw1Zh myu/LU6fvK4uJnvK8aod+I9Z21cz6X5tU6nXzbbzDdDEw4tz9wjD6e0jwvJmOHPq CZSOXFbMan4= =g/qT -----END PGP SIGNATURE----- -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
