You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Florian Effenberger <fl...@arcor.de> on 2004/05/24 14:22:29 UTC

mod_cgi: please have a look at this feature request

Hello there,

I hope this is the right place to propose feature requests. If not, 
please correct me. ;-)

Everyone involved in mod_cgi, please have a look at this bug:
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=29122

It is about mod_cgi checking for certain conditions before forking the 
child. I consider it a SERIOUS SECURITY RISK because severs can easily 
get vulnerable to DoS attacks by running huge CGI scripts (e.g. PHP as CGI).

Thanks for taking the time.

	-- florian