• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 35. Server-Side Security Issues > CGI Security Issues: Recognizing Prob...

CGI Security Issues: Recognizing Problems, Finding Solutions

Almost all CGI security holes come from interaction with the user. By accepting input from an outside source, a simple, predictable CGI program suddenly takes on any number of new dimensions, each of which might have the smallest crack through which a hacker can slip. It is interaction with the usery —through forms or file paths—that gives CGI scripts their power but also make them the most potentially dangerous part of running a Web server.

Caution

Writing secure CGI scripts is largely an exercise in creativity and paranoia. You must be creative to think of all the ways that users, either innocently or otherwise, can send you data that has the potential to cause trouble. And you must be paranoid because, somehow, users will try every one of them.



PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint