httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Hartill <>
Subject Re: includes security hole
Date Tue, 11 Apr 1995 08:40:10 GMT
> >Is there a way to block server side includes running "cmd", and
> >only allowing "cgi" ?
> I've already thought about this, and was going to suggest the following:
> that #include be able to execute cgi scripts. I don't see any obvious
> security problems with this, even if cmd is blocked.

I had this working last night. I'll upload a patch sometime


View raw message