https://www.webmaster-forums.net/crss/node/1001175 en https://www.webmaster-forums.net/serverside-scripting/looking-absolute-beginners-guide-cgi-security#comment-1005123 <p>Orpheus,</p> <p>Thank You for your reply.</p> <p>This would be for those who can chmod a file. There are a lot of "webmasters" who have learned enough about CGI to find what they are looking for, edit the few files according to the instrux, ftp it to their server, then chmod.</p> <p>This is the group I am targeting. Anyone who knows how to write CGI scripts should be more than capable of understanding the CGI security guides that are already available. </p> <p>Basically, you only need to learn a few steps to be able to load a free CGI program onto your server. But these people do not know nearly enough to understand the security risks involved with some of the programs they are loading.</p> <p>They either don't take the time to read the current security guides, or the terminology or presentation is just a bit over their heads.</p> <p>We are just looking for a short but sweet guide in plain english, telling them why they need to think twice before uploading a script.</p> <p>As an example: we can give just a few simple step by step instrux on how to load either a formmail or off site search engine to someone's site.</p> <p>They are very simple steps, anybody who can read and has access to their server could implement these scripts.</p> <p>But this does nothing to address the security issue.</p> <p>We think it would be irresponsible to explain how to load a script without providing all of the necessary cautions as well.</p> <p>We could write it up ourselves, and probably will if no one can help, but we trying to offer the best advice and CGI code is not our specialty, so were looking for outside help if possible.</p> <p>Thanks,</p> <p>Greg</p> <p>[This message has been edited by CLYMB (edited 25 June 2000).]</p> Fri, 23 Jun 2000 07:04:00 +0000 CLYMB comment 1005123 at https://www.webmaster-forums.net https://www.webmaster-forums.net/serverside-scripting/looking-absolute-beginners-guide-cgi-security#comment-1005122 <p>I think it would be nearly impssible to write a simple guide to explain CGI security to someome who doesn't even know how to CHMOD a file. </p> <p>Someonce once told me (i really like this quote btw) "It's not Perl thats insecure it's your code."</p> <p>You may want to put that up just to get peoples attention. <img src="http://www.webmaster-forums.com/ubb/smile.gif" alt="" class="bb-image" /></p> <p>Do you need this guide for people who are writing their own programs or installing other peoples programs to the server?</p> Thu, 22 Jun 2000 09:36:00 +0000 Orpheus comment 1005122 at https://www.webmaster-forums.net