Hi, the described workaround does work for Notes-Servers not using CGI at all. However, there is still a problem with hiding the cgi's in a different script directory: GET /cgi-bin/test HTTP/1.0 HTTP/1.1 200 Found Server: Lotus-Domino/Release-4.6.2a Date: Thu, 23 Dec 1999 07:58:37 GMT Content-Base: http://192.168.64.8/CeGeIh/test Content-Type: text/html Content-Length: 1841 Notes sends the ,,real'' script directory in the Content-Base-Field of the header. Using this information, the machine can still be crashed. (tested successfully) This is tested with 4.6.2a only since I don't have any other versions. Gruesse, jens - - Jens Frank, Unix Systems Deutsche Boerse AG Fon +49 69 2101 5099 Fax +49 69 2101 3831
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:23:11 PDT