httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: mirrors and SSIs
Date Wed, 02 Jul 1997 00:49:36 GMT
Ben Laurie wrote:
> 
> Dean Gaudet wrote:
> > 
> > No this is the wrong answer.  I, for example, refuse to run CGIs or SSIs
> > that I download automatically from taz... and I trust Brian.  Requiring
> > mirrors to run SSI or CGI means that a compromise of taz can be a
> > compromise of every single mirror site.
> 
> Hang on - isn't SSI with no exec supposed to be safe?
> 

I think the concern is the "supposed to be" part... Quite a number
of web-masters refuse to run any form of SSI, simply because it
_could_ be unsafe :/

-- 
====================================================================
      Jim Jagielski            |       jaguNET Access Services
     jim@jaguNET.com           |       http://www.jaguNET.com/
            "Look at me! I'm wearing a cardboard belt!"

Mime
View raw message