Hi Kurt,
Kurt Wall wrote:
> Tim Wunder jabbered:
>
>>Hi,
>>I'm trying to set up an Alias in my httpd.conf file that'll allow me to
>>redirect a request for <my_URL>/calendar to <my_URL>/cgi-bin/webcal so
>>that if I try to access <my_URL/calendar/webcal.cgi, I get the WebCal
>>calendar selection script.
>>I've made these entries in my httpd.conf file:
>> Alias /calendar "/home/httpd/cgi-bin/webcal"
>> <Directory "/home/httpd/cgi-bin/webcal">
>> AllowOverride AuthConfig
>> Options ExecCGI
>> </Directory>
>>
>>When I type in <my_URL>/calendar/webcal.cgi I'm presented with the text
>>of the webcal.cgi perl script. When I type in
>><my_URL>/cgi-bin/webcal/webcal.cgi the script executes and I'm presented
>>with the calendar selection screen. What must I do to get the script to
>>execute when called with <my_URL>/calendar/webcal.cgi?
>>
>>Ultimately, I want to be able to type <my_URL>/calendar and get
>>presented with the calendar selection screen.
>>
>
> Look at the ScriptAlias directive. You can also enable CGI on a per
> directory basis using a <Directory></Directory> block.
I have a "ScriptAlias cgi-bin /home/httpd/cgi-bin" line in my
httpd.conf, do I need another for the non-existent, aliased, /calender
directory? I've tried "ScriptAlias cgi-bin /calendar", but that had no
effect, so I deleted it.
I thought I did enable CGI in a <Directory></Directory> block with
<Directory "/home/httpd/cgi-bin/webcal">
AllowOverride AuthConfig
Options ExecCGI
</Directory>
Do I need to do it for the non-existent /calendar directory that's
Aliased?...
I just tried changing "/home/httpd/cgi-bin/webcal" to "/calendar" in
that section, but it had no effect, so I changed it back.
> For example:
>
> <Directory /home/*public_html/cgi-bin>
> Options +ExecCGI
> SetHandler cgi-script
> <Directory>
>
> This enable CGI scripts in user home directories. You need an
> appropriate AddHandler directive elsewhere in httpd.conf. However,
> enabling mortal users to run CGI scripts poses a significant security
> risk.
>
So, if I uncomment the
"AddHandler cgi-script .cgi" line, it'll work?
Let me try that...
Yes, that works. The cgi script executes. But, that apparently is a
risky way? What, exactly is the "significant security risk"? Is it an
external risk, or internal risk? The users on the system are just the
family (the wife, 2 sons, and me). None of us are likely to create any
elaborate cgi scripts...(maybe the teenager...)
BTW, I did not add the <Directory> section you list above. The only
change I made to what I had orignally is that I added the Addhandler line.
Thanks,
Tim
_______________________________________________
Linux-users mailing list
Archives, Digests, etc at http://linux.nf/mailman/listinfo/linux-users
