[REBOL] Re: security violation
From: gchiu:compkarori at: 21-Dec-2000 21:06
On Wed, 20 Dec 2000 21:21:59 -0800 (PST)
Kevin McKinnon <[kevin--sunshinecable--com]> wrote:
> The webserver typically runs as user 'nobody' (or some
> other virtual user
> ID) with minimal permissions. One of the things 'nobody'
> can do is read
> and execute programs in your cgi-bin... but cannot write
> there.
But my Perl scripts can write to my cgi-bin directory.
Rebol -cs does the trick
> What you should do is create a data directory somewhere
> else in your home
> directory (preferably *above* the directory the webserver
> uses as root, so
> that your data can't be retrieved via the webserver by
> some unscrupulous
> user) and give that directory read/write permissions for
> user 'nobody'.
That's a thought. I was wondering where I could put data
that I didn't want in my cgi-bin directory. I'll give that
a go.
Thanks,
--
Graham Chiu