Good morning all, I have been working on an issue here where I am being asked if we can support letting clients install and run their own CGI scripts on a shared vhost. I have tried sbox and cgiwrap, both which worked, but they cannot stop the one test of reading the /etc/passwd file.
Forgive my ignorance here, but I thought CGIs were gone long ago and have not messed with them in over ten years. If a client really needs a specfic CGI script hosted, I check it out thoroughly and install it where they cannot reach it. Those instances are very very rare. It looks to me like the only way to keep a client contained is to run their CGIs chrooted. Would this be correct? DAve -- "Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it." John Adams http://appleseedinfo.org _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
