David, I have tried this but base on my knowlege about unit file system security, i would suggest you to install both JRE and JRUN under a non root user id.
-D ----- Original Message ----- From: "David Spacey" <[EMAIL PROTECTED]> To: "JRun-Talk" <[EMAIL PROTECTED]> Sent: Tuesday, January 14, 2003 4:55 AM Subject: Re: JRun-Talk-List V1 #224 > Hi All, > > Dave Watts wrote: > > > I think this would be a matter of Apache configuration. I'm more > > familiar > > with IIS; in IIS, you can disable the use of scripts and/or executables > > within a single directory from within the IIS management console. I'm > > very > > sure you can do the same in Apache, but I'm not 100% sure how you'd do > > it. I > > suspect you might do something like this: > > > > <Directory /var/www/somedirectory> > > Options None > > </Directory> > > Thanks for the suggestion. It would even work if Jrun played nice, but > in my experience it doesn't. Where other plugins function as a filter > to Apache's output, Jrun takes total control of the document tree. > From then on the Apache config is irrelevant. The time I tried to add > some CGIs to the site we got the PERL code served up, rather than > executed. > > Does anyone know if Jrun honours .htaccess files? > > Dan Tran wrote: > > > The root security issue has been addressed in JRUN 4 > > Not an option at present I'm afraid. Any configuration solutions? > > -- > > David Spacey > > [EMAIL PROTECTED] > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=8 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=8 Get the JRun Web Application Construction Kit - the only book written specifically for JRun developers. http://www.amazon.com/exec/obidos/ASIN/0789726009/houseoffusion
