Return-Path: owner-new-httpd
Received: by taz.hyperreal.com (8.6.10/8.6.5) id UAA05316;
 Sun, 16 Apr 1995 20:52:14 -0700
Received: from eat.organic.com by taz.hyperreal.com (8.6.10/8.6.5) with ESMTP
 id UAA05311; Sun, 16 Apr 1995 20:52:12 -0700
Received: (from brian@localhost) by eat.organic.com (8.6.11/8.6.9) id
 UAA14750; Sun, 16 Apr 1995 20:52:28 -0700
Date: Sun, 16 Apr 1995 20:52:27 -0700 (PDT)
From: Brian Behlendorf <brian@organic.com>
Subject: Re: IncludesYesCGInoCMD 
To: new-httpd@hyperreal.com
In-Reply-To: <9504152334.aa08581@paris.ics.uci.edu>
Message-ID: <Pine.3.89.9504162056.G12897-0100000@eat.organic.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-new-httpd@apache.org
Precedence: bulk
Reply-To: new-httpd@apache.org

On Sat, 15 Apr 1995, Roy T. Fielding wrote:
> My opinion is that I shouldn't have to add an IncludesNOEXECCGI (or whatever)
> just to make my existing status (w/1.3R) regarding security and unnecessary
> server load the same under Apache.  I do use NOEXEC to prevent users from
> including CGI stuff -- I don't trust my users and I don't trust CGI scripts
> (even after I have checked them).

But... is there a big difference between 
<!--#include virtual="/cgi-bin/nukeserver.pl" --> and
<a href="/cgi-bin/nukeserver.pl">Click here for nudie gifs!</a>?
I.e., if don't trust your users to create CGI scripts, you're not going 
to give them the chance to #include one of theirs anyways.  

> It would make more sense to keep IncludesNoExec as is and add
> 
>     IncludesNoExecCMD
> 
> which just turns off exec cmd.

I'm just trying to keep featuritis and server bloat under control.  Of 
course if everyone wants to make this the Emacs of servers (lisp 
interpreter, anyone? :) then I guess I'm outvoted.

Roy, if you come back and say it's truely not the same, then I'll relent.

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com  brian@hyperreal.com  http://www.[hyperreal,organic].com/