![[Close the Book]](/intranet/images/book_open.gif)
Common Gateway Interface (CGI) scripts you own can be executed with your access privileges through the Cal Poly Pomona Web, provided that you have escrowed your password for CGI authentication. When you add your password to the escrow, it is encrypted and stored in a place accessible only by the Web server. When your authenticated user or group CGI is subsequently executed at the request of a browser on the Internet, the Web server retrieves your encrypted password, decrypts it, acquires your access privileges from the Security Registry, and executes the CGI with your access privileges.
Since an authenticated user or group CGI is executed with the access privileges of the owner at the request of any browser on the Internet, it can potentially do anything the owner could do through the Unix shell. CGI owners are responsible for insuring that the CGI cannot be exploited in ways that cause harm. Authenticated CGI execution is allowed because few users have sufficient access privileges to harm the Intranet infrastructure; however, every user has sufficient access privileges to harm themselves. You should be aware that there are people on the Internet who are very skilled at exploiting poorly designed CGIs.
Although escrowed passwords are strongly encrypted and stored in a place accessible only by the Web server, they aren't as secure as passwords stored in the Security Registry. Users who escrow their passwords for CGI authentication are trading a little password security for the ability to have their CGIs executed with their access privileges--an ability necessary if the CGI seeks to read or write files that shouldn't be read or written by anyone on the Internet. If it makes you feel any better, I've escrowed my password.
Escrowed passwords aren't changed when a user changes their password, so authenticated CGI owners must re-escrow their password for CGI authentication after they change it. If you don't escrow your password again after changing it, the Web server is unable to acquire your access privileges and your authenticated user or group CGI fails to execute properly.