
Hack Proofing Your Web Applications Fast Track • Appendix 543
programs all run on the user’s computer. This makes it possible for
adept hackers to make use of this information and attack your site.
☑ With CGI, you can protect yourself by controlling permissions to
various directories, hiding code within compiled programs, and
other methods.
Rules for Writing Secure CGI Scripts
☑ Limit user interaction.
☑ Don’t trust input from users.
☑ Don’t use GET to send sensitive data.
☑ Never include sensitive information in a script.
☑ Never give more access than is absolutely necessary.
☑ Program on a computer other than the Web server, and ensure that
temporary files ...
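
The first four rules above, applied in one CGI login handler. This is an added example, not code from the book. The field names (username, password), the APP_DB_PASSWORD environment variable, and the size and character limits are assumptions chosen for illustration.

```python
import os
import re
import sys
from urllib.parse import parse_qs

MAX_BODY = 1024                                  # assumed cap on POST body size
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")  # allowlist, not a blocklist
SENSITIVE_FIELDS = {"password"}                  # must never travel in a URL


def handle_request(environ, stdin):
    """Return (status, message) for one CGI request (illustrative handler)."""
    method = environ.get("REQUEST_METHOD", "")
    query = parse_qs(environ.get("QUERY_STRING", ""), keep_blank_values=True)

    # Don't use GET to send sensitive data: query strings end up in server
    # logs, browser history and Referer headers.
    if SENSITIVE_FIELDS & query.keys():
        return "400 Bad Request", "sensitive field in query string"
    if method != "POST":
        return "405 Method Not Allowed", "POST required"

    # Don't trust input from users: CONTENT_LENGTH is client-supplied too.
    try:
        length = int(environ.get("CONTENT_LENGTH", "0"))
    except ValueError:
        return "400 Bad Request", "bad Content-Length"
    if not 0 < length <= MAX_BODY:
        return "400 Bad Request", "body size out of range"

    form = parse_qs(stdin.read(length), keep_blank_values=True)
    # Limit user interaction: accept only the expected fields, once each.
    if set(form) != {"username", "password"} or any(len(v) != 1 for v in form.values()):
        return "400 Bad Request", "unexpected fields"

    username = form["username"][0]
    if not USERNAME_RE.fullmatch(username):
        return "400 Bad Request", "invalid username"

    # Never include sensitive information in a script: the secret is read from
    # the environment the server sets for the process, not hard-coded here.
    if not environ.get("APP_DB_PASSWORD"):
        return "500 Internal Server Error", "server misconfigured"
    return "200 OK", f"accepted login attempt for {username}"


if __name__ == "__main__":
    status, message = handle_request(dict(os.environ), sys.stdin)
    print(f"Status: {status}\r\nContent-Type: text/plain\r\n\r\n{message}")
```

The handler returns a status and message instead of echoing any submitted value other than the validated username, so rejected input is never reflected back to the client.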