You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2001/10/22 18:19:12 UTC
DO NOT REPLY [Bug 4227] -
Invalid CGI path
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4227>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4227
Invalid CGI path
------- Additional Comments From craig.mcclanahan@sun.com 2001-10-22 09:19 -------
Currently, the CGI servlet refuses to run a request that has "/./" or "/../" in
the CGI command path (as yours does), in order to avoid spoofing attacks that
try to access binaries outside of the appropriate webapp directory. In this
case, it appears that the "/../" is occurring because you are letting the
standard startup script figure out what CATALINA_HOME is.
Could you try explicitly setting the CATALINA_HOME environment variable (to
"/opt/catalina") and see if that solves the problem for you?