The idea would be that the webserver would handle that file and send it to
cgi and delete it. But it is something to consider. Thanks!
-Will
----- Original Message -----
From: "Graham Leggett" <[email protected]>
To: <[email protected]>
Sent: Saturday, November 24, 2012 8:00 PM
Subject: Re: httpd and cgi
On 25 Nov 2012, at 1:59 AM, "Will" <[email protected]> wrote:
I was wondering how httpd handles POST requests to cgi. Does it stream
the body directly from the client to the cgi program? If this is the
case, what would be the downsides to streaming that to a file first and
going from the file (most likely filesystem cache) to the stdin of the cgi
program?
This would allow anybody to DoS your server by filling up the disk on
purpose and prevent further legitimate requests.
Regards,
Graham
--
