[4636] in WWW Security List Archive
RE: SHTML on Netscape under NT
daemon@ATHENA.MIT.EDU (Phillip M. Hallam-Baker)
Mon Mar 3 19:01:27 1997
From: "Phillip M. Hallam-Baker" <hallam@ai.mit.edu>
To: "'Benjamin Camp'" <benc@geocel.com>,
"www-security@ns2.rutgers.edu"
<www-security@ns2.rutgers.edu>
Date: Mon, 3 Mar 1997 16:02:31 -0500
Errors-To: owner-www-security@ns2.rutgers.edu
I'm puzzled by this.
<!-- --> is a html comment form. There should never be a need to
wedge tags into comments because one can extend the Tag
set.
Any HTML spec this broken deserves not to work.
Phill
-----Original Message-----
From: Benjamin Camp [SMTP:benc@geocel.com]
Sent: Monday, March 03, 1997 4:01 AM
To: www-security@ns2.rutgers.edu
Subject: SHTML on Netscape under NT
Purveyor gives you the ability to:
<!--#exec exe="execfile" -->
I've tried for several hours and have not been able to find any similar
functionality or even get <!--#exec cmd="..."> to work at all. In the
SSI specs, cmd= uses /bin/sh .. well.. I'm trying to do it on NT.
If there is an equivilant, does anyone know any special security concerns
regarding NT and SSI?
Ben Camp
