Sorry but, it's wrong.
All users of the system need access in the /etc/passwd.
I won't cgi-scripts list the /etc/passwd
On 7/16/07, Mark Watts <[EMAIL PROTECTED]> wrote:
> Hello Friends.
>
> I need tips to add more security in my Apache Server. Mainly with
> cgi-scripts,
> I use the suEXEC, but, with a cgi-script (perl), I obtain a list of the
> /etc/passwd.
>
> Example:
>
> #!/usr/bin/perl
>
> system("cat /etc/passwd");
>
>
>
> how to solve these problems?
>
> Thank's
chmod 700 /etc/passwd
Mark.
--
Mark Watts BSc RHCE MBCS
Senior Systems Engineer
QinetiQ Trusted Information Management
Trusted Solutions and Services Group
GPG Key: http://keyserver.veridis.com:11371/search?q=0x455420ED
