[Ilugc] apache cgi-perl doubts
- From: linux@xxxxxxxxxxxxxxxx (Suresh Ramasubramanian)
- Date: Mon Jun 6 20:20:29 2005
On Mon, Jun 06, 2005 at 06:35:26PM +0530, Rahul Sundaram wrote:
Hi
Yes I know that but this could be the right solution for a novice
user's testing.
Novice users should understand and learn the technology rather than
disabling security measures. This is like logging in as root to prevent
the password dialog boxes. If its debugging process, then read the FAQ
and relevant documentation to understand best on how to do it.
And be careful to whom you're recommending solutions
The guy's programming for a bank. So, quite likely, he's facing a problem
with code he's writing at work, rather than trying to learn cgi
I would not recommend that any code that has the least chance of going into
production at a bank should have low security defaults. Banks have enough
crackers, phishers etc targeting them without their making it easy for
intruders to get into their systems
This doesnt look like a selinux issue at all, could be more like "your user
has permissions for the db, but the user the webserver runs as - say nobody
- doesnt have permissions granted for the db .. so the script runs just
fine on the shell but not when called from mod_perl"
srs
Other related posts: