Re: [Mod-fcgid-users] FastCgiAccessChecker

2007-05-05 Thread Janis Volbergs
Hi there, find below the previous discussion which then resulted in nothing :( From: Janis Volbergs [EMAIL PROTECTED] Date: March 2, 2007 2:26:14 PM GMT+02:00 To: mod-fcgid-users@lists.sourceforge.net Subject: Re: [Mod-fcgid-users] Problem with FastCgiAccessChecker Hi! Thanks for prompt

Re: [Mod-fcgid-users] security problem, possible DoS : fcgid large file uploading and input buffering

2007-05-08 Thread Janis Volbergs
Hi! Why not limit maximum size of the data to be uploaded? This should be an easy patch to mod_fcgi. And about buffering, it would be more safe to have temporary files. However, this might get insecure, if the server has multiuser environment. E.g. other users might easily steal those

Re: [Mod-fcgid-users] security problem, possible DoS : fcgid large file uploading and input buffering

2007-05-09 Thread Janis Volbergs
On May 9, 2007, at 10:54 AM, Gabriel Barazer wrote: On 05/08/2007 21:41:41 +0200, Janis Volbergs [EMAIL PROTECTED] wrote: Why not limit maximum size of the data to be uploaded? This should be an easy patch to mod_fcgi. And about buffering, it would be more safe to have temporary files