Run a Wiki on www.gnucash.org?
Stuart D. Gathman
stuart at bmsi.com
Fri Nov 19 11:57:57 EST 2004
On Fri, 19 Nov 2004, Josh Sled wrote:
> Hmm. Except when the software on top of the web server opens new
> vulnerabilities by evaluating it's parameters using shell tools without
> proper value checking...
I would recommend not running a wiki based on shell tools.
How about MoinMoin?
http://sourceforge.net/projects/moin/
The wiki code is easily sandboxed to a single uid. If using the
CGI interface with Apache, this is done via suexec. I run the
Wiki as a standalone server with its own uid.
There is still the possibility of local exploits, of course.
Using mod_python to run moinmoin runs the wiki as the apache user - not
recommended if the same apache instance is serving Gnucash files.
Also, for best performance, moinmoin needs a real database (it uses
bsddb by default).
--
Stuart D. Gathman <stuart at bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
More information about the gnucash-devel
mailing list