[Chameleon-dev] [Bug 177] [wmsparse] security issue with wmsparse
and IIS
bugzilla-daemon at www.maptools.org
bugzilla-daemon at www.maptools.org
Mon Nov 8 15:49:45 EST 2004
http://www.maptools.org/bugzilla/show_bug.cgi?id=177
pspencer at dmsolutions.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|jfournier at dmsolutions.ca |dmorissette at dmsolutions.ca
------- Additional Comments From pspencer at dmsolutions.ca 2004-11-08 15:49 -------
ok, so the original issue is valid. IIS user requires execute privileges on
cmd.exe, which is considered a security issue. What should be done about this
for version 1.99 and for future versions? I'd like to see some sort of minimal
fix this time around as this would be an excellent candidate for including in
some sort of php_chameleon module (which won't be done for this version).
Perhaps the cgi model would be the easiest? Or should it be a documented
limitation of working with IIS?
Reassigning to Daniel for comment on the cgi approach ...
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the Chameleon-dev
mailing list