Gossamer Forum
Home : Products : DBMan : Customization :

Security Problem

Quote Reply
Security Problem
I was testing on the db.cgi script and wander whether there is any where to increase the security and make it more professional.

Let's say I have a three cfg and db file - autos, business and pets.

If I type in http://www.domain.com/cgi-bin/db.cgi it will be directed to the default cfg

If I type in http://www.domain.com/cgi-bin/db.cgi?db=autos it will be directed to the autos.cfg file.

However If I were to play around/test it out by typing http://www.domain.com/cgi-bin/db.cgi?db=test
it will list out all the form variables, environment variables and cgi-error.

Error Message : Error loading required libraries.
Check that they exist, permissions are set correctly and that they compile.
Reason: Can't locate test.cfg in @INC (@INC contains: . /usr/local/lib/perl5/i396-bsdos/5.00404 /usr/local/lib/perl5 /usr/local/lib/perl5/site_perl/i386-bsdos /usr/local/lib/perl5/site_perl .) at db.cgi line 30.

Script Location : db.cgi
Perl Version : 5.00404
Setup File : test.cfg

Form Variables
Environment Variables.......

How can I have the db.cgi directed to the default/unautohrised page should someone try to type in the above command again.

Any advice is most appreciated. I am a novice.

Quote Reply
Re: Security Problem In reply to
I've found a thread on this topic. Thanks.