Re: password-protected cgi-bin directory?

To: "Andreas Tille" <tillea@rki.de>
Cc: "Debian Developers" <debian-devel@lists.debian.org>
Subject: Re: password-protected cgi-bin directory?
From: "Thijs Kinkhorst" <thijs@debian.org>
Date: Mon, 22 Sep 2008 10:52:32 +0200 (CEST)
Message-id: <[🔎] f442373b3a4a7288643d10ffaecca69a.squirrel@wm.kinkhorst.nl>
In-reply-to: <[🔎] alpine.DEB.2.00.0809221002520.17081@wr-linux02>
References: <[🔎] alpine.DEB.2.00.0809221002520.17081@wr-linux02>

Hi Andreas,

On Mon, September 22, 2008 10:06, Andreas Tille wrote:
> I wonder what might be the apropriate implementation in Debian because
> I do not know that there is anything like a "password-protected cgi-bin
> directory".  Has anybody solved a similar problem or is there some advise
> to do this reasonably?

The cgi-bin directory on Debian is /usr/lib/cgi-bin, so you'd probably
place it somewhere under there. You can then use an Apache configuration
file snippet with a <Directory> or <File> or <Location> block to limit
access. What I usually see happening is that access is limited to
localhost only and possibly combined with http basic authentication of
which the password is asked from the user upon installation. One such
example is the setup script in the phpmyadmin package.

An Apache snippet doesn't work with any webserver of course, so that is a
drawback, but if the script doesn't have built-in authorisation features I
don't know of a universal way to limit access to it.

cheers,
Thijs

Reply to:

Follow-Ups:
- Re: password-protected cgi-bin directory?
  - From: sean finney <seanius@debian.org>

References:
- password-protected cgi-bin directory?
  - From: Andreas Tille <tillea@rki.de>

Prev by Date: password-protected cgi-bin directory?
Next by Date: Re: [Pkg-xen-devel] Xen status in lenny?
Previous by thread: password-protected cgi-bin directory?
Next by thread: Re: password-protected cgi-bin directory?
Index(es):
- Date
- Thread