possible security hole
05 Dec 2000 23:34:04 +0100
"Derek Vokey" <firstname.lastname@example.org> writes:
> There is no telnet access or any other command line access to anyone other
> than root on this server. Is there a way to examine the environment of the
> shell process strictly through cgi?
What does "strictly through cgi" mean? If you allow uploading
arbitrary CGI programs by users, that's almost equivalent to shell
access and certainly sufficient for reading the environment of other
processes, at least on Linux (where you can read /proc) and some other
systems (where you can invoke 'ps e').
> ----- Original Message -----
Eh, your quoting style is strange.
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to email@example.com