[mapserver-users] [Fwd: Security]

Hockaday, John JohnHockaday at auslig.gov.au
Tue Dec 18 16:15:33 PST 2001


I might also add that the temporary directory that you create should be in
an area that is readable by the web server.  That way the resulting images
can be referenced in HTML pages as "img" HTML elements.

John

> -----Original Message-----
> From:	Ed McNierney [SMTP:ed at topozone.com]
> Sent:	Wednesday, December 19, 2001 9:10 AM
> To:	Jamie Smedsmo; mapserver-users
> Cc:	Diaz, William
> Subject:	RE: [mapserver-users] [Fwd: Security]
> 
> Mr. Diaz -
>  
> No.  You should configure a new temporary map file directory on your
> server that has nothing in it but MapServer output files.  The server
> process (i.e. the mapserv CGI program) needs to have write access to
> that directory, but if the only thing in it is MapServer-generated map
> files, that should not pose a risk to any other files on your server.
> You should always review your server configuration carefully to make
> sure you have not set more generous permissions than you intended.
>  
>     - Ed
> 
> 
> 
> Ed McNierney 
> Chief Mapmaker 
> TopoZone.com 
> ed at topozone.com 
> (978) 251-4242 
> 
> -----Original Message-----
> From: Jamie Smedsmo [mailto:jsmedsmo at gis.umn.edu]
> Sent: Tuesday, December 18, 2001 4:41 PM
> To: mapserver-users
> Cc: Diaz, William
> Subject: [mapserver-users] [Fwd: Security]
> 
> 
> 
> 
> -------- Original Message -------- 
> Subject: 	Security	
> Date: 	Tue, 18 Dec 2001 13:22:17 -0800	
> From: 	"Diaz, William"  <mailto:W.DIAZ at CGIAR.ORG>
> <W.DIAZ at CGIAR.ORG>	
> To: 	"'mdp at lists.gis.umn.edu'" <mailto:'mdp at lists.gis.umn.edu'>
> <mdp at lists>	
> 
> 
> Tell me please
> 
> 
> 
> using the tmp directory (with mapserver)  can produce some risk to our
> 
> servers and networks?
> 
> 
> 
> William
> 
> 
> 
>          
> 
> William Diaz S. email:   w.diaz at cgiar.org <mailto:w.diaz at cgiar.org>  
> 
> 
> 
> 
> 
> 
> 
> 



More information about the MapServer-users mailing list