Hi all,
Please forgive me one more comment.
Mon, 24 Oct 2016 19:31:05 +1030, Ron wrote:
> ... and it may well be that this has actually happened now with
> upstream's decision to drop all support for providing a secure
> system CGI of any form that people can use for this. The upstream
> code is basically now back to what it was in the 90's, with the only
> way to use this being to allow execution of a generated CGI in the
> same tree as the html content. Which was already well known to be a
> dangerous and ill advised idiom even back then ...
Apache + system CGI is somewhat overdone to use htags.
GLOBAL is just a source code tagging tool for developers;
it is not a system to publish something to the world.
My answer is htags-server(1), a private http server for htags.
You should invoke this command for each project like this:
$ gtags
$ htags --suggest2
$ htags-server
Python2 http/cgi server
Serving HTTP on 127.0.0.1 port 8000 ...
It is easy to use, and is safer because it runs with user's
privilege without publishing to the network by default.
This command was added to GLOBAL-6.3 in 2014.
IMO, it is useless to continue supporting system CGI.
It is difficult to set up, and never makes something safer.
Regards,
Shigio
--
Shigio YAMAGUCHI <
shigio@gnu.org>
PGP fingerprint: D1CB 0B89 B346 4AB6 5663 C4B6 3CA5 BBB3 57BE DDA3
I don't like FUD.
-- Anonymous