Posted by comp.lang.tcl on 11/03/04 11:28

It would function, yes, but I don't see how that would offer any form
of protection as the hacker would still have access to the TCL CGI
script with his/her original HTML cached page. I guess I am unclear as
to how this would tighten things up.

Thanx
Phil

Steve wrote:
> > I couldn't run the script as a standalone command-line script because
> > the scripts are hosted on a remote site and I do not have privileges
> > outside of my account which resides within the framework of the
> > document root. It is a single back-end batch processing script that
> > must exist within CGI because CGI, as well as the user, are within the
> > group that has the privilege to access a group-accessible XML file
> > (this cannot be altered as it is set up by the hosting provider across
> > the board for all users on his hosting service).
>
>
> Would this work?
>
> <?php
>
> header( "Content-type:text/plain" );
>
> exec( "/path/to/mytclscript.tcl arg1 arg2 arg3", $res );
>
> print "results:\n\n";
>
> for( $i=0; $i < count($res); $i++ )
> {
> print $res[$i] . "\n";
> }
>
> ?>
>
> ---
> Steve

• Next in forum: session_regenerate_id()
• Prev in forum: Re: Session HELP !
• Thread view: Re: Key-passing from PHP to TCL CGI script - how is it done (web security issue)?

[Reply to this message]