| gabriel rosenkoetter on Thu, 14 Nov 2002 11:20:09 -0500 |
|
On Thu, Nov 14, 2002 at 08:22:29AM -0500, Kevin Brosius wrote: > epike@isinet.com wrote: > > - some users may want their own cgi-bin > > > > regardless of any security i think of by way > > of permissions, I can't think of a secure way > > to protect the users files from each other. > Um, aren't these web page files? Why would you want to make them read > protected from other accounts? Aren't they already publicly accessible > through the web server? Not in cgi-bin. Typically the source isn't legible (and, though it's a bad security model to trust it, sometimes you don't want it to be). The *output* of files in cgi-bin is world-readable. Their contents, not necessarily. -- gabriel rosenkoetter gr@eclipsed.net Attachment:
pgpqO6jdlveyq.pgp
|
|