Menu
▾
▴
Re: [Exist-development] [HEADS-UP] Merge in of Security Branch
|
From: Hungerburg <pc...@my...> - 2012-02-08 12:03:13
|
Am 2012-02-08 03:45, schrieb Joe Wicentowski: > > In hindsight I realize I was reading your advice below too literally. > It makes sense that to "execute" a .xq via web browser, we need to not > only make it "executable" but also "readable". > > Apologies if this is covered in basic unix permissions model, and > apologies for my ignorance! In the unix model, scripts that are to be executed by an interpreter, have to be both readable and executable by the user, while binaries, that can be executed by the kernel directly only require execute permission by the user. This difference does not make much sense in eXist, does it? Requiring only exec permission for xquery procedures would allow to eg. hardcode passwords in a script or use of some logic, that the executing user must not learn. And after all, they are binaries in eXists native object format, aren't they? -- peter |
