Sep 24, 2004, 6:39 AM
Post #1 of 1
a very secure cgi enviroment
I really like to solve all the security problems in my web servers causes by younger-users.
After one year of program cgi-bin, i know that it can be very secure.... or not.
now, i'm the sysadmin of a ISP, and i see all days a lot of problems witch unsafe cgi-bin.
I suppoused that the use of apache-suexec is important, but only is the first-important-action. Safe-cgi and tainted mode can solve about the 90% of cgi problems. So , cuestion is how force all my users to use safe-cgi and tainted mode.
My options are:
- A simple perl script that verifiy all cgi file and change #!/usr/bin/perl by #!/usr/bin/perl -T
- A simple script, set in #!/usr/bin/perl, that set the tainted mode and eval the caller script ( i don't really like it ).
- any option that a perl-guru say me
maybe is another quick and simple option ?
Thanks in advance.