9.2 Security Considerations


SSI directives are as secure as you are. Don't execute any commands that might do bad things or provide too much information. We suggest that directives like this not be included:

 <!--#exec cmd="/bin/cat /etc/passwd"--> 

On the other hand, SSI doesn't let the client do anything not specifically allowed by the server, so it's relatively harmless. But don't do anything stupid, anyway.



Open Source Development with Lamp
Open Source Development with LAMP: Using Linux, Apache, MySQL, Perl, and PHP
ISBN: 020177061X
EAN: 2147483647
Year: 2002
Pages: 136

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net