bellstar | response 37 of 109: | Jul 24 04:37 UTC 2008
Re #27:
I'm rather bewildered to hear Grex runs a SQL server. Are there any Grex
applications dependent on it? Has it ever been load tested? Or is it just
"educational?"
As for Perl, mere availability of the interpreter is not enough. PerlCGI
modules must be added to both Perl and Apache (assuming Grex is served on
Apache) to provide the required CGI hooks. These hooks and the "possibility" of
remotely running malicious code through a misconfigured or buggy CGI interface
will make Grex vulnerable to a host of attacks. On the other hand, cgi-bin is
already there so perhaps there won't be much added vulnerability.
I've heard computer security experts have a saying that goes, "usability is
inversely proportional to security." I wonder if Grex isn't already "useful"
enough?