Security Issues

The Log & Config Files

Chuck says:

The log file can really live anywhere on the disk if you provide a path to it. So, you can simply move it out of the MacHTTP hierarchy by using the LOG command in the config file to specify an absolute path. For example, MacHTTP ships with the following log file specification:

   LOG :MacHTTP.log

You could easily change this to:

   LOG HardDisk:secret.log

Which would move it outside the MacHTTP hierarchy and beyond the ability of WWW clients to access it. For that matter, simply changing the name of the log file and leaving it in MacHTTP's directory is sufficient, since there is no way for a remote user to list the contents of a directory and determine the new name (unless you leave the sample.script installed!)

To prevent anybody from accessing the MacHTTP.config file and getting your log file name, define a suffix mapping for ".config" like:

   SCRIPT .config * * image/gif

MacHTTP will just try to have AppleScript run your config file, fail, and return an error to the client. Be sure to put the above mapping at the top of your list (or at least before the TEXT type mapping).

URLs That Point Outside the Document Hierarchy

If your current document is in sub1 under the MacHTTP folder and you want to get to a document in sub2 on the same level under the MacHTTP folder, try something like HREF="::sub2:newdoc.html" or in Unixese HREF="../sub2/newdoc.html".

The "::" or ".." means one level up from the current level.

This absolutely will not work. It is a huge security hole and MacHTTP explicitly checks for URLs that are attempting to access directories "above" the document root. Quite simply, all instances of "::" are deleted from the path and the URL will fail. If this was allowed, anyone could effectively ask for any file on your hard disk.

5/7/94 - gneufeld

MacHTTP Contents