Great Circle Associates Firewalls
(February 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Gopher server on a unix host
From: johns @ oxygen . house . gov (John Schnizlein)
Date: Tue, 8 Feb 1994 17:15:27 -0500
To: Firewalls @ GreatCircle . COM

I have heard great fear regarding running gopher service on a bastion host.
The general tone of these concerns is that gopher is *too* willing to go
do things "fer" its clients.

Does anyone have a recipe for configuring gopher so that it does not open
a gaping hole in a security perimeter?
For example, is it sufficient to control what directories it reaches (a la FTP)
and replace its popen() with one that parses for and precludes ";" and similar
tricks?


Follow-Ups:
Indexed By Date Previous: Re: Two security issues
From: bmanning @ is . rice . edu (William Manning)
Next: SOCKS report perl scripts?
From: Roger Masse's the named <roj @ cop . dec . com>
Indexed By Thread Previous: Re: restricting Internet Access
From: Brad . Powell @ EBay . Sun . COM ( Brad Powell - Sun CIS)
Next: Gopher server on a unix host
From: "Craig A. Finseth" <fin @ unet . umn . edu>

Google
 
Search Internet Search www.greatcircle.com