how safe is Python for CGI?
Piet van Oostrum
piet at cs.uu.nl
Tue Oct 8 20:35:56 CEST 2002
>>>>> Jeff Davis <jdavis at empires.org> (JD) writes:
JD> Shouldn't be a problem. Nobody can read your executable scripts unless you
JD> misconfigure apache. If you tell apache that it's supposed to execute .cgi
JD> files, or files in your /cgi-bin directory, then it will.
JD> One thing you should be careful of, however, is that if others have remote
JD> login ability to your machine, make sure they can't just read the file
JD> with a text editor.
And other people with CGI scripts may be able to read your scripts from
their code, unless suEXEC is used.
Piet van Oostrum <piet at cs.uu.nl>
URL: http://www.cs.uu.nl/~piet [PGP]
Private email: P.van.Oostrum at hccnet.nl
More information about the Python-list