webserver cgi question

From: Rob McMillen (rvmcmilat_private)
Date: Sun Jan 26 2003 - 06:42:42 PST

Next message: George Dinwiddie: "Re: Standards for developing secure software"

Previous message: Pavel Kankovsky: "Re: Standards for developing secure software"
In reply to: Jose Nazario: "Re: Secure programming FAQ?"
Next in thread: Pete Herzog: "RE: Secure programming FAQ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I am trying to create a cgi that potentially modifies firewall rules in 
iptables.  Would anyone care to comment on the potential for letting a 
webserver running as nobody execute code that requires root access?

Should the cgi be setuid?
Should the webserver modify a file that root's cron is constantly 
monitoring?


Thoughts?  Comments?

Thanks in advance,

Rob

Next message: George Dinwiddie: "Re: Standards for developing secure software"
Previous message: Pavel Kankovsky: "Re: Standards for developing secure software"
In reply to: Jose Nazario: "Re: Secure programming FAQ?"
Next in thread: Pete Herzog: "RE: Secure programming FAQ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jan 26 2003 - 09:33:14 PST