On Mon, Jan 24, 2005 at 05:56:38PM +0100, Philippe de Rochambeau wrote:
> Apart from not tainting the swish.cgi variables or forking swish-e,
> what would you call "insecure usage" on Unix?
General poor usage of CGI script -- allowing user input to go through
the shell, for example. Not correctly escaping user input. Bad file
permissions. Running swish as root or as a user that has too much
access. Things like that.
Your question was a bit to general to give you any specific answers.
Unsubscribe from or help with the swish-e list:
Help with Swish-e:
Received on Mon Jan 24 09:31:56 2005