Does anyone have a recipe for configuring gopher so that it does not open
a gaping hole in a security perimeter?
For example, is it sufficient to control what directories it reaches (a la FTP)
and replace its popen() with one that parses for and precludes ";" and similar
Don't know about the "default" Gopher, but I am writing such a secure
beastie in Perl. Hope to have it released in a couple of weeks. If
interested, drop me a note and I will let you know when it's
Craig A. Finseth Craig .
University Networking Services fin @
University of Minnesota +1 612 624 3375 desk
130 Lind Hall +1 612 625 0006 problems
207 Church St SE +1 612 626 1002 fax
Minneapolis MN 55455-0134, USA member, LPF
"A ship is safe in a harbor, but that's not what a ship is for" -- unknown