[Gllug] Apache mod_ssl
Doug Winter
doug at pigeonhold.com
Thu Aug 12 08:18:44 UTC 2004
Xander D Harkness wrote:
> I was also wondering if people who managed shared hosting environments
> did anything to monitor vulnerable scripts or cgi programs. The most
> obvious is formmail.cgi that has long been exploited by spammers of all
> varieties.
I think the only reliable way is to eyeball every script personally.
Don't allow write access to cgi-bin, give users a drop area and move
them in yourself. Obviously this is a real PITA.

Alternatively, don't allow CGIs at all, but use something like Zope that
provides a sandbox environment that allows users to write scripts but
tries to make them safe. It's not perfect, but it's pretty good.
doug.
--
6973E2CF: 2C95 66AD 1596 37D2 41FC 609F 76C0 A4EC 6973 E2CF
http://adju.st/
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
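
The drop-area workflow described in the message above, sketched as an added example that is not part of the original post. The SHA-256 manifest, the function names and all paths are assumptions: the admin records a script's hash when reading it, promotion refuses anything that changed afterwards, and a periodic audit flags a writable cgi-bin or files that never went through review.

```shell
#!/bin/sh
# Added example. Paths, function names and manifest format are assumptions.
# Needs sha256sum and install (GNU coreutils).

# promote_cgi DROP_FILE CGI_BIN MANIFEST REVIEWED_SHA256
# Installs a script only if it still matches the hash recorded when the
# admin read it, so it cannot be swapped between review and promotion.
promote_cgi() {
    src=$1; dest=$2; manifest=$3; reviewed=$4
    name=$(basename "$src")
    case $name in
        ''|.*|*[!A-Za-z0-9._-]*) echo "reject $name: unsafe name" >&2; return 1 ;;
    esac
    if [ ! -f "$src" ] || [ -L "$src" ]; then
        echo "reject $name: not a regular file" >&2; return 1
    fi
    actual=$(sha256sum "$src" | cut -d' ' -f1)
    if [ "$actual" != "$reviewed" ]; then
        echo "reject $name: changed since review" >&2; return 1
    fi
    # Copy, never move: the installed file gets the admin's ownership, mode 0755.
    install -m 0755 "$src" "$dest/$name" || return 1
    touch "$manifest"
    awk -v n="$name" '$2 != n' "$manifest" > "$manifest.tmp"
    echo "$actual  $name" >> "$manifest.tmp"
    mv "$manifest.tmp" "$manifest"
}

# audit_cgi_bin CGI_BIN MANIFEST
# Prints one finding per line; returns 0 only when there are none.
audit_cgi_bin() {
    dir=$1; manifest=$2; findings=0
    # Characters 6 and 9 of the ls mode string are group and other write.
    case $(ls -ld "$dir") in
        ?????w*|????????w*) echo "WRITABLE-DIR $dir"; findings=$((findings + 1)) ;;
    esac
    for f in "$dir"/* "$dir"/.[!.]*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        want=$(awk -v n="$name" '$2 == n { print $1 }' "$manifest" 2>/dev/null)
        have=$(sha256sum "$f" | cut -d' ' -f1)
        if [ -z "$want" ]; then
            echo "UNREVIEWED $name"; findings=$((findings + 1))
        elif [ "$want" != "$have" ]; then
            echo "MODIFIED $name"; findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}
```

Keep the manifest outside cgi-bin and readable only by the admin account; the audit is only as trustworthy as that file.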