Henry Reardon <henry_reardon@(protected):

> Thanks to all who replied for their insights with respect to the security
> differences between CGI and servlets.
>
> As best I can tell, they are very different in their architecture and
> therefore have different security concerns but both can be made
> satisfactorily secure.
>
> Therefore, our wiki could be both CGI-based or servlet-based and still be
> satisfactory.
>
> Have I basically got that right?

I don't think so.

CGIs are inherantly insecure. There is a high level of risk in using
CGIs,

Risk is the point though, you have to make a risk assessment and then
make a judgment about what technology is appropriate.


Nic

___________________________________________________________________________
To unsubscribe, send email to listserv@(protected)
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html