andu wrote/ schreef:
>>> what the cgi script does is a another matter and could become a
>>> security concern.
>>
>> Yes, that is another matter altogether.
Well, I think this is the most important reason why IPS's don't install
MetaCard. You can do almost everything from within a .mt script.
For Perl or something, the operators use a so- called CGI-wrapper, which
restricts the CGI-script in a certain way. I know that a CGI-wrapper for .mt
scripts doesn't exist yet.
How do CGI-wrappers generally work? Do they check the script beforehand, or
do they continuously monitor and eventually block the actions of the .mt
script? How difficult would it be to make one? Because then MetaTalk would
be real-world language, also for system operators.
And what security measurements does the UNIX system have already without a
CGI- wrapper? For example, as what user is the .mt script 'logged in'?
If someone can give me answers on the questions, and it wouldn't be to
difficult to make CGI-wrapper for .mt, I'd like to make one.
Regards,
Sjoerd
Archives: http://www.mail-archive.com/[email protected]/
Info: http://www.xworlds.com/metacard/mailinglist.htm
Please send bug reports to <[EMAIL PROTECTED]>, not this list.
