Abstract
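With the widespread use of the Internet, attacks on networks through the WWW are increasing. CGI (common gateway interface) is an important means of giving the WWW its interactive capability, and its security mechanisms directly affect the security of the Web server, making it possible for attackers to achieve their goals through the Web server. This paper compares three main models for protecting the secure execution of CGI programs. Through an attack example and an analysis of the source code of the Apache suEXEC CGI security model, it points out that the attack chain in the example can pass through suEXEC's security protection layer, and it discusses the factors that make the model insecure. Corresponding defensive measures are given, and an improved CGI security protection layer model is proposed.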
The WWW (World Wide Web) is an important platform for publishing information on the Internet. Attacks through the WWW are increasing dramatically. The security of CGI is related to the security of the Web host. The three major security models for CGI are compared. After describing an attack on a CGI program and analyzing the suEXEC security model in Apache, several vulnerabilities of the model are given. The countermeasures are also discussed and an improved security model for Apache suEXEC is given.
Source
《计算机研究与发展》
EI
CSCD
PKU Core Journal
2000, No. 11, pp. 1345-1352 (8 pages)
Journal of Computer Research and Development