how safe is Python for CGI?

Piet van Oostrum piet at cs.uu.nl
Tue Oct 8 20:35:56 CEST 2002


>>>>> Jeff Davis <jdavis at empires.org> (JD) writes:

JD> Shouldn't be a problem. Nobody can read your executable scripts unless you 
JD> misconfigure apache. If you tell apache that it's supposed to execute .cgi 
JD> files, or files in your /cgi-bin directory, then it will. 

JD> One thing you should be careful of, however, is that if others have remote 
JD> login ability to your machine, make sure they can't just read the file 
JD> with a text editor.

And other people with CGI scripts may be able to read your scripts from
their code, unless suEXEC is used.
-- 
Piet van Oostrum <piet at cs.uu.nl>
URL: http://www.cs.uu.nl/~piet [PGP]
Private email: P.van.Oostrum at hccnet.nl



More information about the Python-list mailing list