namazu-users-en
[Top] [All Lists]

Re: namazu doing CGI env check (was Re: Formats of NMZ.* files)

To: namazu-users-en@namazu.org
Subject: Re: namazu doing CGI env check (was Re: Formats of NMZ.* files)
From: knok@daionet.gr.jp (NOKUBI Takatsugu)
Date: Mon, 2 Sep 2002 19:09:19 JST
Reply-to: namazu-users-en@namazu.org
Message-id: <200209021013.TAA25349@list.daionet.gr.jp>
Sorry for my late reply.

Why namazu command can't work with CGI because it has security issue.
In the past, namazu comamnd and namazu.cgi was merged with a
executable binary, but it accepts command line options as CGI
paramater. So remote user can invoke with --output option or
something, it is bad.
Therefore current version of Namazu was splitted into 2 binaries.

In article <200208302040.g7UKeN926136@gator.earlhood.com>
earl@earlhood.com writes:

The goal of the CGI is to allow for a "permanent" bookmark to an
archived message.  A problem with MHonArc's message number system is
that if archive is rebuilt from raw messages, but some raw messages have
been deleted and/or are in different order, the message numbering will
be different.  This is a problem for people you reference archived
messages in their mail.

That's great. I had thought such like function.

I made a perl binding of libnmz, you can get from cvs
<http://cvs.namazu.org/Search-Namazu/> or 
<http://www.namazu.org/~knok/Search-Namazu-0.92.tar.gz>.

Unfortunately, it lacks NMZ.field.* support. Ok, I'll add the function
to my ToDo list. If I can do it, you will make it easier.
-- 
NOKUBI Takatsugu
E-mail: knok@daionet.gr.jp
        knok@namazu.org / knok@debian.org

<Prev in Thread] Current Thread [Next in Thread>