On Sun, Mar 02, 2003 at 10:19:17AM -0500, Joel Gwynn wrote: > I'm more concerned about other pair users being able to access the file. > Currently, the file is stored above the document root, but it has to be > readable by the cgi script, hence the user nobody in group www.
You could run the cgi script under your own user-id using cgiwrap. http://www.pair.com/pair/support/library/systemcgi/cgiwracp.html The problem with this approach is that any security bugs in your cgi script expose your account to abuse. However, with careful use of taint checking you should be able to minimize the risk. -- Jason _______________________________________________ Boston-pm mailing list [EMAIL PROTECTED] http://mail.pm.org/mailman/listinfo/boston-pm
