id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc 3486,Define mechanism for mapserv CGI debugging at the command-line without cli args,dmorissette,dmorissette,"From ticket #3485: """""" As part of a security audit of MapServer 5.6 it was found that some of the mapserv CGI command-line debug arguments constitute a security risk that could potentially be exploited. """""" In this ticket we only disabled the possibly insecure args in the default build to address the immediate security issues and avoid disrupting point releases with a more important change. For MapServer 6.0, we should look into providing a more secure debugging and testing mechanism for developers of the mapserv CGI that does not involve command-line args at all. For instance, the ""QUERY_STRING=..."" command-line arg could be replaced with the following on Unix/Linux: {{{ REQUEST_METHOD=GET QUERY_STRING='MAP=foo&REQUEST=GetMap&...' ./mapserv }}}",defect,new,normal,6.0 release,MapServer C Library,unspecified,normal,,,sdlime