Date: Tue, 19 Jan 1999 03:54:33 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: FreeBSD-Current@FreeBSD.ORG Subject: Re: FrontPage Extensions Message-ID: <199901190354.UAA04699@usr04.primenet.com> In-Reply-To: <00ea01be374a$b11fa020$1acb2e9c@westbend.net> from "Scot W. Hetzel" at Jan 3, 99 12:35:35 pm
next in thread | previous in thread | raw e-mail | index | archive | help
For what it's worth, the FP security issues are very well documented by ReadyToRun Software's site (these are the folks who do the UNIX ports for Microsoft). They also keep both BSDI 2.1 and 3.0 binaries available, and they know about FreeBSD (it's mentioned in the FAQ as an unsupported platform; apparently someone was having problems with the MD5 password hashing. Someone who cares should send them mail on how to update their FAQ to be more correct, and to raise FreeBSD's visibility as a platform -- e.g. what versions to us4e for what, install instructions for FreeBSD, etc.). Here is the source code to mod_frontpage and fpexe: http://www.rtr.com/fpsupport/SERK/a_modfp.htm http://www.rtr.com/fpsupport/SERK/a_fpexe.htm Here's Microsoft's take on the security issues: http://www.rtr.com/fpsupport/SERK/security.htm Pretty much, using the source code provided, you could add FP extensions to any web server for which you had source. One caveat is that the FrontPage client (stupidly) will refuse to create "sub webs" unless the server type is "netscape" or "apache-fp", so I guess it's back to lying about what your server is if it isn't one of those; sorry, JAVA-teers... Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901190354.UAA04699>