[cgiwrap-users] Re: cgiwrap and dense users
Brought to you by:
nneul
Menu
▾
▴
[cgiwrap-users] Re: cgiwrap and dense users
|
From: Nathan N. <nn...@um...> - 2000-09-18 13:01:02
|
Deborah Weisman wrote: > > Thanks for answering so fast. > I still am confused. > > you answered : > >Scripts other than cgiwrap. I.e. if you install cgiwrap, that should be > >the only way you allow non-trusted users to install/run scripts. > > Do you mean that the cgi-bin directory should be accessible to all, > but should contain no other scripts besides cgiwrap? What are your > recommended <Directory> configuration directives for the cgi-bin > directory? What permissions do you recommend on the cgi-bin directory? 700 ideally. 755 at most. YOu can put other scripts there, just don't let an untrusted user install scripts there. Since it essentially gives them root access. > Is it possible to define the users' cgi-bin directory outside the > public-html tree? > I would prefer to have the individual users cgi's sit below the uses > home directory and outside of public_html, not beneath it as you > suggest, because that way the scripts are not readable with a browser. Yes, just change how you configure cgiwrap. > I also have a directory called local-bin, where I have some scripts > that I let various users use with different templates. Does having > that directory > provide a greater security threat once cgiwrap is installed into cgi-bin? > > -- > > Computer Center > Faculty of Agriculture > Hebrew University of Jerusalem > P.O.B. 12 > Rehovot 76100 ISRAEL > > phone:972-8-9489232 > fax: 972-8-9469857 > email: dv...@ag... -- ------------------------------------------------------------ Nathan Neulinger EMail: nn...@um... University of Missouri - Rolla Phone: (573) 341-4841 CIS - Systems Programming Fax: (573) 341-4216 |
