Security Considerations
By enabling your student webspace or by granting the www.swe_web AFS user read or write access to files you control you are exposing these files to:
- In the case of read access, be read by others who may execute CGIs on our system. Any private information stored in those files could be disclosed.
- In the case of write access, be written to by others who may execute CGIs on our system. Files may be modified or destroyed. New files may also be created which could cause your user volume to fill up.
Neither UMBC nor DoIT will take responsibility for the security or integrity of files stored in areas where the www.swe_web AFS user has read or write access. We also ask that any user asking for "input" on web forms that store data in those areas make it clear that any information entered on such forms is stored using an insecure method.
Enabling Your Student Web Space
...
Code Block | ||||
---|---|---|---|---|
| ||||
[zo1@linux2]$ /afs/umbc.edu/common/bin/disable_student_web_space.sh Ensuring the following student web directories are NOT globally readable: swe2016 Disabling web access to the following student web directories: swe2016 |
Security Considerations
By enabling your student webspace or by granting the www.swe_web AFS user read or write access to files you control you are exposing these files to:
- In the case of read access, be read by others who may execute CGIs on our system. Any private information stored in those files could be disclosed.
- In the case of write access, be written to by others who may execute CGIs on our system. Files may be modified or destroyed. New files may also be created which could cause your user volume to fill up.
Neither UMBC nor DoIT will take responsibility for the security or integrity of files stored in areas where the www.swe_web AFS user has read or write access. We also ask that any user asking for "input" on web forms that store data in those areas make it clear that any information entered on such forms is stored using an insecure method.
Available Scripting Languages
Language | File Extension | How To Use |
---|---|---|
PHP 5.4 | .php | Any content in a file ending in .php will be interpreted by PHP |
Perl 5.16 | .cgi | Begin the file with "#!/usr/bin/perl". All content below that line will be interpreted by Perl |
Python 2.7.5 | .cgi | Begin the file with "#!/usr/bin/python". All content below that line will be interpreted by Python |
Ruby 2.0 | .cgi | Begin the file with "#!/usr/bin/ruby". All content below that line will be interpreted by Ruby |
...