Michael MacIsaac wrote:
And, I agree with your warnings about giving access to CP commands.
If you give sudo vmcp access to only users the www group, which has one
user, wwwrun (that apache runs under) by default, then no holes there. If
a rule of security: be paranoid. I'm sure nobody here will admit to
attempts to snoop on anyone else's computer systems, but Caution
suggests everyone should assome someone else would like to snoop on theirs.
the cgi-bin scripts only do specific queries of z/VM then no holes there.
And for one more layer of security, you could use a .htaccess file to
require credentials.
Funnelling arbitrary CP commands through a Web interface would be
dangerous.
Like stingrays.
--
Cheers
John
-- spambait
[EMAIL PROTECTED] [EMAIL PROTECTED]
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
Please do not reply off-list
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
