[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: password-protected cgi-bin directory?

On Mon, Sep 22, 2008 at 06:13:06PM +0200, sean finney wrote:
> hiya,
> On Mon, Sep 22, 2008 at 10:06:35AM +0200, Andreas Tille wrote:
> > I wonder what might be the apropriate implementation in Debian because
> > I do not know that there is anything like a "password-protected cgi-bin
> > directory".  Has anybody solved a similar problem or is there some
> > advise to do this reasonably?
> my advice is that you put the "cgi-bin" binaries in a directory solely for
> your own package, i.e. /usr/lib/<pkg>/cgi-bin .  then you can set up a
> default htaccess file and apache configuration under etc and leave it to the
> admin to configure it (or do so via debconf if you want to be fancy).
> i would strongly recommend against putting anything in /usr/lib/cgi-bin,
> as use of this directory should be deprecated[1].
>   sean
> [1] yes, i know that (normal, not webapps) policy still points at it and some 
>     packages may still use it, but it should go away regardless.

Is that supposed to work with apache or with any package that provides
httpd-cgi ?

Tzafrir Cohen         | tzafrir@jabber.org | VIM is
http://tzafrir.org.il |                    | a Mutt's
tzafrir@cohens.org.il |                    |  best
ICQ# 16849754         |                    | friend

Reply to: