Support for Multiple Submit buttons on Forms

www-talk@www10.w3.org
Wed, 3 May 95 07:47:54 PDT


In one note about CGI from Vidar Madsen a mension that a CGI may
overwrite files that the "webmaster" account owns. This may include
configuration files.

There is a simple solution. Have the httpd run under a second
userid/groupid.

Permission could be given to read the configuration
file, but since the daemon executes under another account
it would not have permission by default to destroy the files.

In this situation one must be careful to give appropriate
permission to directories and files for public read and execute
permission only as needed. One must exercize caution in giving write
privilages.

Gerald Edgar
"My opinions"