how safe is Python for CGI?
sismex01 at hebmex.com
sismex01 at hebmex.com
Mon Oct 7 19:13:28 EDT 2002
More information about the Python-list mailing list
Mon Oct 7 19:13:28 EDT 2002
- Previous message (by thread): newbie question on class vars
- Next message (by thread): how safe is Python for CGI?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> From: DG [mailto:david at fielden.com.au] > > Greetings, > > I am thinking about using Python's CGI capabilities to write > some simple web front ends to a database. The web server is > running apache under Linux, Python 2.2.1. > > How secure is Python for this? For example, it seems that I > will need to put the database path, username and password into > the database connect() line in the cgi-bin script, is it > possible for someone to download the script from the cgi-bin > directory without running it, and then inspect the > source to find the database path/user/pass? > > What are common Python practices to circumvent this, if it is > a problem? > > Are there any other gotchas to this sort of script? > > tia > > Rowdy > This is responsability of your Apache installation, not Python's. You have to mark your cgi-bin directory as executable, non-browsable, etc etc. There's other FAQs you can search for which contain detailed documentation on this subject. Google is your friend :-) -gustavo
- Previous message (by thread): newbie question on class vars
- Next message (by thread): how safe is Python for CGI?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-list mailing list