subject: The Security of CGI Scripts [print this page] The Security of CGI Scripts The Security of CGI Scripts
Notorious as a main cause of security breaches, CGI scripts are very popular and almost certainly are running on every Web server. The CGI (Common Gateway Interface) protocol itself is secure, but CGI scripts are very often not written by programmers with security in mind. As a result, Web Masters frequently install them on web sites, oblivious to the risks they are taking.
Because the CGI protocol creates a channel of communication between the Web server and external programs, a poorly written CGI script can be cracked by hackers, who can then make their own programs run on the Web server.
A CGI script usually has the same access privileges as the person who runs the Web server, and that usually means at 'administrator' level. If it is not written with care, a CGI script can therefore give a hacker access to the root directory, and from there to databases, confidential information, etc.
Furthermore, unless memory segments are allocated correctly, Web server memory resources can be accessed and used to run malicious code to perform any operation a hacker wants.
A common use of CGI scripts is to convey the data in a form filled in by a browser user to the Web server for processing. Unless the user's input is validated and, more important, verified properly, the script can be manipulated to run a rogue program in the Web server's memory. Even a well-meaning but ham-fisted Web site visitor can cause a Web site to crash by mistakenly entering harmful characters into the fields of a form.
A solution is to envelop the CGI script in a "wrapper". This can (a) ensure that the ownership of a running process remains the same, and (b) restrict the amount of memory allocation for the script, thus shielding the Web server's central processing unit and file system from unauthorized programs.
The wrapper is positioned between the CGI script and the Web server software, thus keeping them apart from each other. It alters the user's identity, thus isolating the script from the Web Master's identity and from all other scripts.
The easiest route to secure CGI scripts is to use CGI libraries to control the input and output to and from the Web server. Because CGI libraries contain well established pre-defined, secure programs, tried and tested to rigorous standards, the Web Master and the CGI programmer can be relieved of much of the security burden.
