Diana Moreland wrote:
>
> I need to know how to let users run cgi scripts in their home
> directories without using the ExecCGI directive that is such a security
> risk.
>
> Can somebody please offer me a hint or point me to the right mailing
> list?
Check out p160 of Lauries' Apache Guide...
Basically you need to use the directive "UserDir" with an argument which
is the directory name everyone must use for public WWW stuff (e.g.
"www"). So say:
UserDir www
then a request for:
http://your-machine/~fred/page.html
will go to:
/home/fred/www/page.html
So that serves static HTML. For CGIs, fred has to have a subdirectory
(e.g. www/cgi-bin) and then you use ScriptAlias:
ScriptAlias /~fred/cgi-bin/ /home/fred/www/cgi-bin/
An alternative is to load the Rewrite module and then you can do clever
pattern-matching and stuff...
Best regards,
Owen Boyle.
--
SWX Swiss Exchange, 10 Cours de Rive, 1211 Geneve 3
--------------------------+-------------------------
Phone: +41 (0)22 849 5648 | Fax: +41 (0)22 849 5643
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
