CGI Executables

Security Issues

Common Gateway Interface (CGI) executables are potential security holes. They can allow unauthorized access to protected information on the server, and they also can allow the execution of unauthorized commands on the server. If you would like more specific information, here are a couple of references:

The World Wide Web Security FAQ: CGI Scripts

CGI Policy

Given the limited resources available to the CLAS Linux Group, there is no way that the staff can examine and approve every CGI executable that users may want to install on the web server. The CLAS Linux Group team cannot in good conscience allow unexamined CGI scripts to be run on the CLAS Linux servers. Just one poorly written or malicious script could affect everyone who uses the shared computing resources.

Therefore, no user will be allowed to install and run their own CGI executables.