[thelist] Advisablitity of SSI
Timothy J. Luoma
luomat at operamail.com
Fri Sep 19 15:24:59 CDT 2003
On Fri, 19 Sep 2003 16:12:23 -0400, Maisha Walker <maisha at e-vent.org>
wrote:
> I've also heard rumors about security problems with SSI - anyone have any
> thoughts refuting or validating this concern?
I've heard that as well. I don't know if it is valid, but the idea is
that you could 'exec rm' or some other thing. Sounds like something that
shouldn't be possible. If I am a user I shouldn't be able to delete
anything but my own files.... and if I want to do it via a webpage, well,
that's my own business.
That said, I found it much easier to find a host that supported PHP than
SSI so I just started doing my includes that way.
FWIW
TjL
More information about the thelist
mailing list