FirstSearch script security

Madeleine Showalter mshowalt at coa1.ci.austin.tx.us
Wed Aug 14 12:39:11 EDT 1996


I have been told that "hackers" can enter commands in a form/search engine which can be 
transferred to your operating system.  This can allow them to get to a command line 
prompt in your system.  So, I assume that "secure" means to prevent this by changing 
your CGI script.  That's all I know, I'm just a beginner in using CGI.

S. M. S. wrote:
> 
> A short time ago someone offered a script for accessing FirstSearch without
> having to use a CGI script.  The writer said that the problem was the file
> needed to be placed where access to it was secure.
> 
> I need to get in contact with this person, or someone who can answer the two
> following questions:
> 
> 1.  Where do you put the file that it may be "secure" if it is on a PC?
> 
> 2.  How can the script be made "secure" at all since it seems to allow
> access from Netscape by using "document source."
> 
> Any answer to this would be much appreciated.
> 
> Susan Sansenbaugher
> System Operator
> Westerville Public Library
> ssansenb at delnet.net

-- 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Madeleine Showalter		mshowalt at library.ci.austin.tx.us
Webmaster				(512) 499-7461
Austin Public Library		http://www.ci.austin.tx.us/library


More information about the Web4lib mailing list