> And, I agree with your warnings about giving access to CP commands. If you give sudo vmcp access to only users the www group, which has one user, wwwrun (that apache runs under) by default, then no holes there. If the cgi-bin scripts only do specific queries of z/VM then no holes there. And for one more layer of security, you could use a .htaccess file to require credentials.
Funnelling arbitrary CP commands through a Web interface would be dangerous. "Mike MacIsaac" <[EMAIL PROTECTED]> (845) 433-7061 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
