On Tue, 15 Jul 2003, Rigler, Steve wrote: > Seriously...unless anyone can explain otherwise, being able to use > "wget" to download the source code to a cgi should be as effective > as using a browser to load a page and do "view source".
> Interesting....I never thought of wget........can wget be prevented? ummm -- guys, you are thinking about the wrong areas. -- wget is speaking to the webserver, and not the filesystem. It has little to do with keeping local users from viewing a given local filesystem directory. wget will see only what the webserver, with PHP intervention, wants it to see. see, eg, a worked example at: http://www.owlriver.com/support/yum/ and the script: yumconf.php 1. Called alone, with wget, you get: bash-2.05b$ wget -O - http://www.owlriver.com/support/yum/yumconf.php --13:18:22-- http://www.owlriver.com/support/yum/yumconf.php => `-' Resolving www.owlriver.com... done. Connecting to www.owlriver.com[198.30.29.42]:80... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] [<=> ] 0 --.--K/s Error -- unconfigured client access<br><a href="http://www.owlriver.com/support/yum/yumconf.php?debug=y"> Click</a> to debug -- or -- <a href="http://www.owlriver.com/support/yum/"> Here</a> for more information<br><hr>This page provided by <a href="http://www.owlriver.com"> Owl River Company</a> for private non-commercial use. Usage is monitored, and [ <=> ] 399 389.65K/s 13:18:29 (389.65 KB/s) - `-' saved [399] bash-2.05b$ 2. Called with an expected argument, you get: bash-2.05b$ wget -O - http://www.owlriver.com/support/yum/yumconf.php?ver=8.0 --13:18:47-- http://www.owlriver.com/support/yum/yumconf.php?ver=8.0 => `-' Resolving www.owlriver.com... done. Connecting to www.owlriver.com[198.30.29.42]:80... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] [<=> ] 0 --.--K/s # # i386 denominated yum.com # [main] cachedir=/var/cache/yum debuglevel=2 logfile=/var/log/yum.log pkgpolicy=newest [base] name=Red Hat Linux 8.0 base baseurl=http://mirror.dulug.duke.edu/pub/yum-repository/redhat/8.0/i386/ [updates] name=Red Hat Linux 8.0 updates baseurl=http://mirror.dulug.duke.edu/pub/yum-repository/redhat/updates/8.0/ [ <=> ] 347 338.87K/s 13:18:50 (338.87 KB/s) - `-' saved [347] bash-2.05b$ -------------------------------- -- Russ Herrold -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list