Swish-e

From: PropheZine Owner <bob(at)not-real.prophezine.com> Date: Thu Feb 24 2000 - 22:08:31 GMT

Hi Software Jester:

REMOTE_USER has no value because I am not using security?  You mean like
using .htaccess?  If I use .htaccess then REMOTE_USER will be set to a
value?

Bob

-----Original Message-----
From: swish-e@sunsite.berkeley.edu
[mailto:swish-e@sunsite.berkeley.edu]On Behalf Of Ron Samuel Klatchko
Sent: Thursday, February 24, 2000 3:54 PM
To: Multiple recipients of list
Subject: [SWISH-E] Re: Autoswish on Linux - problem?

PropheZine Owner wrote:
> swish_create.pl I have this line:
>
> $userid = $ENV{'REMOTE_USER'};
>
> In debugging I discovered that this value is not set.  I had to comment
the
> line and put in a temporary value (BOBTEST) before the routines would
work.
>
> Anyone seen this problem before?

REMOTE_USER is set by the web server when the script requires
authentication.  What you have done is circumvent user/password security
(which admittedly is pretty weak, but it's something).  Do you have some
other sort of access control to prevent a random user from invoking that
CGI?

moo
------------------------------------------------------------
           Ron Samuel Klatchko - Software Jester
            Brightmail Inc - rsk@brightmail.com