[thelist] Advisablitity of SSI

Hassan Schroeder hassan at webtuitive.com
Fri Sep 19 17:07:00 CDT 2003

Maisha Walker wrote:

> I've also heard rumors about security problems with SSI - anyone have any
> thoughts refuting or validating this concern?

Thoughts? Yes -- "Google is your friend" :-)

The first hit from `SSI security Apache` is this pretty decent look
at the issues:


:: which are primarily internal -- `exploits` require a perpetrator
to access the system somehow and install the malicious (S)HTML file.

Hassan Schroeder ----------------------------- hassan at webtuitive.com
Webtuitive Design ===  (+1) 408-938-0567   === http://webtuitive.com

                           dream.  code.

More information about the thelist mailing list