[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] cgiwrap users

Subject: Re: [cobalt-security] cgiwrap users
From: Jeff Lovell <jlovell@xxxxxxx>
Date: Thu, 7 Jun 2001 10:29:43 -0700
Organization: Cobalt Networks, Inc.
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Thu, 07 Jun 2001, Dave Worth wrote:

> "Execution of (nobody) is not permitted for the following reason:
> 
>                           User not Privileged."
> 
> Does anyone know how to work around this and/or where the cgiwrap config 
> files are so I may add user nobody into the permissions list?

That is a risky proposal.  Frontpage enabled sites are owner by the
user 'nobody'.  And allowing the CGI scripts to run as user 'nobody'
will put sites at risk from attacks with CGI scripts.

You may just want to disable cgiwarp for the directory.  Searching
the cobalt-users archive for "disable cgiwrap" should give you
a few suggestions on how to proceed.

http://list.cobalt.com/mailman/listinfo/cobalt-users/

Jeff

-- 
Jeff Lovell
Sun Microsystems Inc.

References:
- [cobalt-security] cgiwrap users
  - From: Dave Worth

Prev by Date: Re: [cobalt-security] [RaQ3] Port Sentry
Next by Date: Re: [cobalt-security] [RaQ3] Port Sentry
Previous by thread: [cobalt-security] cgiwrap users
Next by thread: RE: [cobalt-security] cgiwrap users

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index