SPUG: setuid & CGI security (was: site clutter)
Alex Algard
algard at cardomain.com
Tue Jun 26 02:22:58 CDT 2001
> If one forgets to put an "index.html" in ones cgi-bin you can get a lot
> of insight to the cgi structure of the server by browsing the cgi-bin
> directory. It is a very common mistake. I have used this myself to learn
> more about how a website is structured.
Definitely disable autoindexing by default, and then enable it selectively
on a per-directory basis as needed (just since it's such a "very common
mistake").
________________________
Alex Algard
CarDomain Networks, Inc.
425-820-2244 x111 | fax: 425-820-5951
algard at cardomain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
POST TO: spug-list at pm.org PROBLEMS: owner-spug-list at pm.org
Subscriptions; Email to majordomo at pm.org: ACTION LIST EMAIL
Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
For daily traffic, use spug-list for LIST ; for weekly, spug-list-digest
Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/
More information about the spug-list
mailing list