Lawrence Sweeney wrote:
>
> William Anderson wrote:
>
> > ----- Original Message -----
> > From: "Lawrence Sweeney" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Thursday, February 15, 2001 10:38 AM
> > Subject: Re: [scottish] Apache admin
> >
> >
> >
> >> Ross Hendry wrote:
> >>
> >>
> >>> How can I make a cgi-bin/ directory in a users home actually execute cgi
> >>
> >> [snippage]
> >>
> >> In httpd.conf you will want something like this
> >>
> >>
> >> <Directory /home/*/public_html/cgi-bin>
> >> [snip]
> >
> >
> > oooo cool :) I'd still personally recommend cgiwrap for user CGIs tho ...
> >
>
> You'll still need to give apache permission to exec the cgi.
>
> It is a good point you make. Using a setuid cgi wrapper, like suEXEC, is
> a _very_ good idea in a multiuser environment. (suEXEC also wraps SSI).
> Otherwise any files written with cgi will be available for inspection,
> modification or deletion, whether by design or accident, by anyone else
> with an account.
> Not always desirable ;-)
>
> HTH
>
> Lawrence
>
> --------------------------------------------------------------------
> http://www.lug.org.uk http://www.linuxportal.co.uk
> http://www.linuxjob.co.uk http://www.linuxshop.co.uk
> --------------------------------------------------------------------
Hi,
On a similar theme, how would one protect a piece of e.g. PHP source
code? The file needs to be given read access to all users (so that
apache running as user "nobody" can read it) but this means that all
other users on the system can read your PHP source.
Thanks,
Allan
--
A computer without FORTRAN is like a chocolate cake without mustard.
--------------------------------------------------------------------
http://www.lug.org.uk http://www.linuxportal.co.uk
http://www.linuxjob.co.uk http://www.linuxshop.co.uk
--------------------------------------------------------------------
