in reply to Re: Run arbitrary UNIX commands on webserver without telnet
in thread Run arbitrary UNIX commands on webserver without telnet
While I think we can all agree that telnet is NOT perfect, I don't think it's wise to allow people to post to a CGI script, and then running arbitary commands on a server.
First, with all its warts, if telnet were available I would never have resorted to this approach.
Second, please read my reply to jeffa (below, I think), regarding ``allowing people ... running arbitrary commands on a server.''
Finally, when you are working for actual paying clients, you don't always get a say in which hosting company they choose.
In short,
- Dangerous? Yes.
- Necessary? Occasionally.
- Ever leave accessible and executable after logging off? Never
- Allow users (even friendly ones) to use it? Never, on penalty of losing Web Developer license
dmm
You can give a man a fish and feed him for a day ... Or, you can teach him to fish and feed him for a lifetime
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Re(dmm): Run arbitrary UNIX commands on webserver without telnet
by rrwo (Friar) on Nov 08, 2001 at 10:01 UTC | |
by dmmiller2k (Chaplain) on Nov 08, 2001 at 20:32 UTC |
In Section
Craft