Scott has clarified this issue: ==== > But, I > don't get it...the so-called "malicious user" would have to be able to > install a script on our cgi-bin...and he wouldn't have access to it without > our login and password, which of course we don't give out. Scott replied: Correct: He's talking about being being a web hosting service that uses mchttpd as the main HTTP server. If all you're doing is running CGI applications, his concerns don't apply to your situation. ===== So, we are NOT installing mchttpd on our ISP web hosting machine in our cgi-bin. We just installed the mc engine. So, back to a "not to worry" state. Hinduism Today Sivakatirswami Editor's Assistant/Production Manager [EMAIL PROTECTED] www.HinduismToday.com, www.HimalayanAcademy.com, www.Gurudeva.org, www.hindu.org Archives: http://www.mail-archive.com/[email protected]/ Info: http://www.xworlds.com/metacard/mailinglist.htm Please send bug reports to <[EMAIL PROTECTED]>, not this list.
