×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Does anyone have an example of manipulating data, running programs,
compromising security, etc on web server running on an IBM i, or is it
purely speculative (or improper setup of the Apache config file, network
mapping, programming, etc?)
I know on other systems there are SQL exploits where you can try to pass
SQL statements into form fields but in my testing on applications (that
I've created that use SQL) I couldn't cause this issue. I've even read
recently where there are loopholes in things like Ruby on Rails, but I'm
mainly talking about CGI programs written with RPG and the pbApache server
running on the IBM i.
I'm not asking for strawman arguments. We can assume that the config file
is set up properly, the port mapping is correct, etc. I would even be
happy to provide a sample apache config file. Port 80 and/or 443 are the
only ports mapped to the i, etc.
I guess what I'm looking for, as are others I'm sure, are some examples on
how things could go wrong instead of simple speculation.
(sounds like a Friday question! hehe...)
Brad
www.bvstools.com
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
