From owner-freebsd-questions Sat Sep 9 8:27:44 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mx7.port.ru (mx7.port.ru [194.67.23.44]) by hub.freebsd.org (Postfix) with ESMTP id 47DBD37B422 for ; Sat, 9 Sep 2000 08:27:42 -0700 (PDT) Received: from hearst.int ([10.0.0.103] helo=hearst.mail.ru) by mx7.port.ru with esmtp (Exim 3.14 #3) id 13XmXd-0007dQ-00 for freebsd-questions@freebsd.org; Sat, 09 Sep 2000 19:27:41 +0400 Received: from mail by hearst.mail.ru with local (Exim 3.14 #4) id 13XmXc-000Ljj-00 for freebsd-questions@FreeBSD.ORG; Sat, 09 Sep 2000 19:27:40 +0400 Received: from [194.105.213.25] by win.inbox.ru with HTTP; Sat, 09 Sep 2000 15:27:40 +0000 (GMT) From: "Simakin Alexandr" To: freebsd-questions@FreeBSD.ORG Subject: CGI-scripts security Mime-Version: 1.0 X-Mailer: mPOP Web-Mail 2.19 X-Originating-IP: [194.105.213.25] Reply-To: "Simakin Alexandr" Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Message-Id: Date: Sat, 09 Sep 2000 19:27:40 +0400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Does anybody knows, how to allow read/write access for users cgi-scripts ONLY in users own home directories and restrict all access (including read!) to all other directories and its content. CGIWrap is cool, but if you have such files: -rw-r--r-- 1 root wheel 1067 Sep 9 17:28 /etc/passwd you can read this file even when CGIWrap installed, find users with SU rights, lunch password finder utility and so on. Alex Simakin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message