[923] in RedHat Linux List
Redhat 3.0.3 and Ecash...
daemon@ATHENA.MIT.EDU (Bill Rockefeller)
Fri Oct 25 12:51:55 1996
Date: Fri, 25 Oct 1996 08:54:12 -0700 (PDT)
From: Bill Rockefeller <dozer@netwizards.net>
To: redhat-list@redhat.com
In-Reply-To: <199610251442.KAA07575@redhat.com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
Has anyone tried accepting Ecash with on a Redhat 3.0.3 box? I'd like to
do so for one of our customers, but it requires 1 CGI to be installed,
nph-charge.cgi. From what I heard before, there was a bug/glitch in nph
that caused a security hole. If that wasn't bad enough, they want the
file to be SGID root! :( Would this be a bad security move with Redhat
3.0.3? I always try to kill all the SUID/SGID files, and this just
doesn't sound like a good idea to me. :P Anyone else using ecash? Anyone
have an opinion from a security standpoint?
--
PLEASE read the Red Hat FAQ, Tips, HOWTO and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-HOWTO
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
