Re: apache2: clearing the air [please read]
Nick Phillips <email@example.com> writes:
> CGI scripts *will* be changing, and not always under the control of the
> admin. In fact, having /usr mounted ro would likely make such a situation
> much more secure.
There is two kinds of cgi-scripts. Nice packaged up ready to use
scripts which is distributed as debian packages and scipts made for
one specific host only.
The first group of scripts belongs in /usr together with everything
else installed from Debian archives. The second group of scipts
belongs the same place as the site specific html files.
My oppinion is that packaged cgi-scripts should be placed in
/usr/<somewhere>/cgi-bin and then it is up to the admin og the
webmaster to import the needed cgi scripts in at host specific
cgi-bin. This puts some demands on the packaged cgi script. They can't
just depend on some configuration in /etc (htdig does this for example).
Når folk spørger mig, om jeg er nørd, bliver jeg altid ilde til mode
og svarer lidt undskyldende: "Nej, jeg bruger RedHat".
-- Allan Olesen på dk.edb.system.unix