To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.off-topic.geekOpen lugnet.off-topic.geek in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Off-Topic / Geek / 547
546  |  548
Subject: 
Re: Why are SSIs bad?
Newsgroups: 
lugnet.off-topic.geek, lugnet.publish
Date: 
Thu, 30 Sep 1999 22:00:49 GMT
Reply-To: 
mattdm@mattdm^IHateSpam^.org
Viewed: 
443 times
  
Jacob Sparre Andersen <sparre@sys-323.risoe.dk> wrote:
I am not quite sure what security problems there are with
SSI.

If you're the site admin, there's not a security problem. The security issue
is with letting your _users_ use SSI, because those commands execute as the
user which owns the web server. Which, if you don't trust your users, is a
bad thing.


My main reason for (mostly) not using SSI on published web
pages is that I suspect that it means that the pages won't
be stored by proxies. Is it possible to make server-side
processed pages appear as static pages when they are served?

Yes, you can configure your web server this way.

--
Matthew Miller                      --->                  mattdm@mattdm.org
Quotes 'R' Us                       --->             http://quotes-r-us.org/



Message has 1 Reply:
  Re: Why are SSIs bad?
 
[ FUT lugnet.publish ] Matthew: [...] (...) Would you care to give a lazy web site manager a hint for doing this with Apache? Play well, Jacob ---...--- -- E-mail: sparre@cats.nbi.dk -- -- Web...: <URL:(URL) -- ---...--- (25 years ago, 1-Oct-99, to lugnet.off-topic.geek, lugnet.publish)

Message is in Reply To:
  Re: Why are SSIs bad?
 
Sproaticus: (...) I am not quite sure what security problems there are with SSI. My main reason for (mostly) not using SSI on published web pages is that I suspect that it means that the pages won't be stored by proxies. Is it possible to make (...) (25 years ago, 30-Sep-99, to lugnet.off-topic.geek, lugnet.publish)

8 Messages in This Thread:


Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    

Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR