SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-26-2008, 03:51 AM
| |||
| |||
 Re: Log file in Web directory ? m.t wrote: > Is it "OK" to output application/process log file > to a location where the web server can see > so that one can view it in via http instead of > requiring shell acoount ? > thanks If Ok means you want someone else to weigh in on what your internal security and business practices should be I would say no. I would not make available to a web server information that could be used to compromise the system. If by Ok you mean can I do it? Then yes you can. -- Daniel A. Morgan University of Washington damorgan@x.washington.edu (replace x with u to respond) Puget Sound Oracle Users Group www.psoug.org      |
|
02-26-2008, 03:52 AM
| ||||
| ||||
| Re: Log file in Web directory ? DA Morgan schreef: > m.t wrote: >> Is it "OK" to output application/process log file >> to a location where the web server can see >> so that one can view it in via http instead of >> requiring shell acoount ? >> thanks > > If Ok means you want someone else to weigh in on what your > internal security and business practices should be I would > say no. I would not make available to a web server information > that could be used to compromise the system. > > If by Ok you mean can I do it? Then yes you can. I would rather have a single page exposed, than opening an account that can walk through the directory tree... It's just the output of a process, that needs to be seen by the client/user. Do it all the time - use java/plsql/owa packages if it's not on an application server, or just a simple page and a logical link if it's on the application server. Needless to say that the url is intranet only, and the page requires you're logged on. -- Regards, Frank van Bortel Top-posting is one way to shut me up... |
Linear Mode
