On Fri, 19 Nov 2004, Josh Sled wrote: > Hmm. Except when the software on top of the web server opens new > vulnerabilities by evaluating it's parameters using shell tools without > proper value checking...
I would recommend not running a wiki based on shell tools. How about MoinMoin? http://sourceforge.net/projects/moin/ The wiki code is easily sandboxed to a single uid. If using the CGI interface with Apache, this is done via suexec. I run the Wiki as a standalone server with its own uid. There is still the possibility of local exploits, of course. Using mod_python to run moinmoin runs the wiki as the apache user - not recommended if the same apache instance is serving Gnucash files. Also, for best performance, moinmoin needs a real database (it uses bsddb by default). -- Stuart D. Gathman <[EMAIL PROTECTED]> Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154 "Confutatis maledictis, flamis acribus addictis" - background song for a Microsoft sponsored "Where do you want to go from here?" commercial. _______________________________________________ gnucash-devel mailing list [EMAIL PROTECTED] https://lists.gnucash.org/mailman/listinfo/gnucash-devel