[mapserver-users] Map server security issue
Ed McNierney
ed at topozone.com
Thu Oct 25 15:23:45 EDT 2001
John -
MapServer is a CGI application and has no special "security issues"
associated with it. As part of its execution it creates temporary image
files which are then read by client browsers. From a security
perspective, Web browser users must have the following access rights:
The right to execute the MapServer CGI binary
The right to read the MapServer MAP definition file(s)
The right to read the shapefiles, raster images, etc. used to create a
MapServer map
The right to write output map images to a temporary directory
The right to read those images from that temporary directory
There's nothing special here - nothing unusual. If you can tell us what
operating system you're running MapServer on, and whether this is to be
run on a Web site that's open to the public (anonymous users) or whether
it's on a secure Intranet system, we can probably give you more tips.
- Ed
Ed McNierney
Chief Mapmaker
TopoZone.com
ed at topozone.com
(978) 251-4242
-----Original Message-----
From: John Qu [mailto:jqu at eosdata.gsfc.nasa.gov]
Sent: Thursday, October 25, 2001 2:31 PM
To: mapserver-users at lists.gis.umn.edu
Subject: [mapserver-users] Map server security issue
Hi Folks:
Does anyone know map server security issue ? We just installed the
MapServer on our system. We would need a fairly detailed report on
any security issues of a from-scratch server-based application.
Thanks !
John Qu
NASA/GSFC/DISC
More information about the mapserver-users
mailing list