It does not depend on chmod malte, the MIME-type is what it depends on. e.g. all .cgi-files will be executed if the server is set up like this. rename the same file to .txt and it will be read
later
Patrick
------------------
The Webmaster Forums - General Administrator
Visit me at http://www.ectoweb.de
I just to be sure that a file containing a password couldnt be read if I named it .cgi or .pl.
The file contains a perl hash of usernames and passwords. It doesnt print them and it dies if either the HTTP_REFERER does not exist or its name is identical from the current SCRIPT_NAME. I think that should prevent the password file from being executed.
On the other hand, if it's being accessed by a Perl script on the server, you could probably just move it out of the httpd accessible directory and the script should still be able to read it.
Rob Radez
OSInvestor.com
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.
Anonymous posted this at 11:40 — 4th February 2000.
They have: 5,633 posts
Joined: Jan 1970
It does not depend on chmod malte, the MIME-type is what it depends on. e.g. all .cgi-files will be executed if the server is set up like this. rename the same file to .txt and it will be read
later
Patrick
------------------
The Webmaster Forums - General Administrator
Visit me at http://www.ectoweb.de
Malte posted this at 12:58 — 4th February 2000.
They have: 297 posts
Joined: Apr 1999
I just to be sure that a file containing a password couldnt be read if I named it .cgi or .pl.
The file contains a perl hash of usernames and passwords. It doesnt print them and it dies if either the HTTP_REFERER does not exist or its name is identical from the current SCRIPT_NAME. I think that should prevent the password file from being executed.
Malte
------------------
[b]Malte Ubl - www.Schaffhausen.de
References: www.Parma-Aurel.de www.HellermannTyton.de www.TotalVital.de
roBofh posted this at 22:23 — 4th February 2000.
They have: 122 posts
Joined: Jun 2000
On the other hand, if it's being accessed by a Perl script on the server, you could probably just move it out of the httpd accessible directory and the script should still be able to read it.
Rob Radez
OSInvestor.com
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.