[REBOL] Re: APACHE + REBOL as CGI?
From: matt:blis at: 15-Sep-2001 11:14
> From: [rebol-bounce--rebol--com] [mailto:[rebol-bounce--rebol--com]]
> On Behalf Of john
>
> I don't get it Ryan? Why would not having to "install" Rebol make a
> security hole?
As Ryan pointed out with his very astute example, placing the Rebol
binary in the cgi-bin does two things:
1) it allows your Rebol executable to be used in any url on your server
2) it allows *anyone* to do 1)
Due the the nature of Rebol being able to 'do remote scripts, someone
could quite easily write a script to send files/passwords/do system
commands on YOUR server.
This is Not A Good Thing(tm)
Matt.
