Re: rh-l] RE: Proper way to keep users out of a directory

[R P Herrold]

On Tue, 15 Jul 2003, Rigler, Steve wrote:

> Seriously...unless anyone can explain otherwise, being able to use
> "wget" to download the source code to a cgi should be as effective
> as using a browser to load a page and do "view source".

> Interesting....I never thought of wget........can wget be prevented?

ummm -- guys, you are thinking about the wrong areas.  --

wget is speaking to the webserver, and not the filesystem.  It 
has little to do with keeping local users from viewing a given 
local filesystem directory.

wget will see only what the webserver, with PHP intervention,
wants it to see.


see, eg, a worked example at:

     http://www.owlriver.com/support/yum/

and the script:

      yumconf.php

1.  Called alone, with wget, you get:

bash-2.05b$ wget -O -  http://www.owlriver.com/support/yum/yumconf.php
--13:18:22--  http://www.owlriver.com/support/yum/yumconf.php
           => `-'
Resolving www.owlriver.com... done.
Connecting to www.owlriver.com[198.30.29.42]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    [<=>                                  ] 0             
--.--K/s             Error -- unconfigured client access<br><a
href="http://www.owlriver.com/support/yum/yumconf.php?debug=y";>
Click</a> to debug -- or -- <a
href="http://www.owlriver.com/support/yum/";>
Here</a> for more information<br><hr>This page provided by <a
href="http://www.owlriver.com";> Owl River Company</a>
for private non-commercial use.  Usage is monitored, and
    [ <=>                                 ] 399          
389.65K/s

13:18:29 (389.65 KB/s) - `-' saved [399]

bash-2.05b$



2.  Called with an expected argument, you get:

bash-2.05b$ wget -O -  http://www.owlriver.com/support/yum/yumconf.php?ver=8.0
--13:18:47--  
http://www.owlriver.com/support/yum/yumconf.php?ver=8.0
           => `-'
Resolving www.owlriver.com... done.
Connecting to www.owlriver.com[198.30.29.42]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]

    [<=>                                  ] 0             
--.--K/s             #
#       i386 denominated yum.com
#
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest

[base]
name=Red Hat Linux 8.0 base
baseurl=http://mirror.dulug.duke.edu/pub/yum-repository/redhat/8.0/i386/


[updates]
name=Red Hat Linux 8.0 updates
baseurl=http://mirror.dulug.duke.edu/pub/yum-repository/redhat/updates/8.0/


    [ <=>                                 ] 347          
338.87K/s

13:18:50 (338.87 KB/s) - `-' saved [347]

bash-2.05b$

--------------------------------

 -- Russ Herrold


-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list