


Security by obscurity I suppose.

Not sure a team of security auditors would agree with this approach, but as long as it works for you it must be safe.

Regards,
Richard Schoen
Director of Document Management
e. richard.schoen@xxxxxxxxxxxxxxx
p. 952.486.6802
w. helpsystems.com

----------------------------------------------------------------------

message: 1
date: Mon, 4 Jun 2018 16:58:44 +0000
from: Justin Taylor <JUSTIN@xxxxxxxxxxxxx>
subject: Re: [IBMiOSS] Ports and routes needed to replace very large
numbers of green screens.

You have to do your risk assessment.

Each server has a dedicated library with new objects defaulting to *PUBLIC EXCLUDE authority. That, combined with the fact that no one else here can spell CGI, makes me OK with it.


-----Original Message-----
From: Richard Schoen [mailto:Richard.Schoen@xxxxxxxxxxxxxxx]
Sent: Monday, June 04, 2018 10:28 AM
To: opensource@xxxxxxxxxxxx
Subject: Re: [IBMiOSS] Ports and routes needed to replace very large numbers of green screens.

The only thing I would warn about with the wildcard config is that if you have programs in that library that shouldn't be called you're exposing them to security risk with a wildcard pattern.

If the lib only contains legit CGI callable apps then you're probably OK.

However in today's insecure world I would probably list each potential route in your Apache config so only the programs allowed to be called from the library are callable. Extra safety in case someone slips a program into that library.

Regards,

Richard Schoen
Director of Document Management
e. richard.schoen@xxxxxxxxxxxxxxx
p. 952.486.6802
w. helpsystems.com

----------------------------------------------------------------------



------------------------------

Subject: Digest Footer

--
This is the IBMi Open Source Roundtable (OpenSource) mailing list
To post a message email: OpenSource@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/opensource
or email: OpenSource-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/opensource.


------------------------------

End of OpenSource Digest, Vol 3, Issue 78
*****************************************
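
The wildcard-versus-listed-routes trade-off discussed in this thread can be checked mechanically. The following is an added example, not code from the thread or its participants: it assumes the routes are written as IBM i style `ScriptAlias` / `ScriptAliasMatch` directives, and the library name `WEBLIB`, the program names and both config snippets are constructed for illustration.

```python
import re

# Constructed sample directives; WEBLIB and the program names are hypothetical.
WILDCARD_CONF = """
ScriptAliasMatch ^/app/(.*)$ /QSYS.LIB/WEBLIB.LIB/$1.PGM
"""
EXPLICIT_CONF = """
ScriptAlias /app/orders /QSYS.LIB/WEBLIB.LIB/ORDERS.PGM
ScriptAlias /app/status /QSYS.LIB/WEBLIB.LIB/STATUS.PGM
"""
# Constructed inventory of *PGM objects in the library, and the reviewed allowlist.
LIBRARY_PGMS = {"ORDERS", "STATUS", "PURGEDB"}
APPROVED = {"ORDERS", "STATUS"}

# Target path of a CGI route: library name, then a fixed program or a $N backreference.
TARGET = re.compile(r"/QSYS\.LIB/(\w+)\.LIB/(\$\d+|\w+)\.PGM$", re.I)

def reachable_programs(conf, library, inventory):
    """Return the programs in `library` that the config routes a URL to."""
    reachable = set()
    for line in conf.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[0].lower() not in ("scriptalias", "scriptaliasmatch"):
            continue
        m = TARGET.search(parts[2])
        if not m or m.group(1).upper() != library.upper():
            continue
        pgm = m.group(2)
        if pgm.startswith("$"):
            # Program name is taken from the request URL, so this audit
            # conservatively treats every program in the library as routed.
            reachable |= inventory
        else:
            reachable.add(pgm.upper())
    return reachable

def unapproved(conf, library, inventory, approved):
    """Programs that are routed from the web but not on the reviewed allowlist."""
    return reachable_programs(conf, library, inventory) - approved

if __name__ == "__main__":
    for name, conf in (("wildcard", WILDCARD_CONF), ("explicit", EXPLICIT_CONF)):
        extra = unapproved(conf, "WEBLIB", LIBRARY_PGMS, APPROVED)
        print(f"{name}: unapproved routed programs = {sorted(extra)}")
```

The audit looks only at Apache routing; object authority on the library and its programs is a separate control and is not evaluated here.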




