Re: Apache cgi-bin for users

To: debian-isp@lists.debian.org
Subject: Re: Apache cgi-bin for users
From: "Marcel Hicking" <hicking@du.gtn.com>
Date: Fri, 4 Jan 2002 13:59:21 +0100
Message-id: <[🔎] 3C35B539.22123.2CE37E43@localhost>
Reply-to: hicking@du.gtn.com
In-reply-to: <[🔎] 09ff01c194a2$afe02640$0400a8c0@zentek.net>

Go for CGIWrap.

> CGIWrap is a gateway program that allows general users to
> use CGIscripts and HTML forms without compromising the
> security of the http server. Scripts are run with the
> permissions of the user who owns the script. In addition,
> several security checks are performed on the script,
> which will not be executed if any checks fail

http://cgiwrap.unixtools.org/

Cheers,
Marcel

Jason Lim <maillist@jasonlim.com> 4 Jan 2002, at 6:04:

> While I've never run things from
> /home/*/public_html/cgi-bin/somethinghere.cgi,
> we've always had to recompile suexec to get things working.
>
> suexec has hard-compiled in the allowed directory, so you'd
> need to recompile that to get some other directory to work.
>
> I suggest you try that.
>
> Sincerely,
> Jason
>
> ----- Original Message -----
> From: "Keith Elder" <keith@zorka.com>
> To: "Marcel Hicking" <hicking@du.gtn.com>
> Cc: <debian-isp@lists.debian.org>
> Sent: Friday, January 04, 2002 5:36 AM
> Subject: Re: Apache cgi-bin for users
>
>
> > Thanks Marcel,
> >
> > Let me restate what it was I was asking just to clarify my
> > situation. If anyone has any input, by all means annie up.
> >
> > What I am trying to do is setup the server so users in
> > /home/*/ can execute CGI programs on their personal web
> > pages on this particular
> machine.  I found a reference in the apache admin guide I
> have and the apache site which say to put the following in
> the httpd.conf: > > <Directory /home/*/public_html/cgi-bin>
> > Options ExecCGI > Addhandler cgi-script .cgi .pl >
> </Directory> > > I have done that, but I still cannot make
> the following work: > >
> http://yourdomain.com/~username/cgi-bin/test.cgi > > When
> this page is run, I get "premature end of headers" in the
> error.log > file.  I thought this would be fairly simple but
> it is turning out to be > a headache. > > Anything else I
> can try? > > Keith > > > * Marcel Hicking
> (hicking@du.gtn.com) wrote: > > From: "Marcel Hicking"
> <hicking@du.gtn.com> > > To: debian-isp@lists.debian.org > >
> Date: Thu, 3 Jan 2002 19:08:32 +0100 > > Subject: Re: Apache
> cgi-bin for users > > Reply-to: hicking@du.gtn.com > >
> X-mailer: Pegasus Mail for Win32 (v3.12c) > > > >
> ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ > > > >
> See > >
> http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias
> > > > > Please make really(!) sure what security
> implications it > > has to allow not trustworthy people
> (customers ;-) to run > > programms on _your_ server. Hint:
> Look for cgi-wrap and > > changeroot. > > > >
> http://httpd.apache.org/docs-2.0/misc/security_tips.html > >
> http://httpd.apache.org/docs-2.0/suexec.html > >  or better
> > > http://wwwcgi.umr.edu/~cgiwrap/ > > > > Cheers, > >
> Marcel > > > > > > Keith Elder <keith@zorka.com> 31 Dec
> 2001, at 17:31: > > > > > Greetings and Happy New Year! > >
> > > > > I am trying to enable cgi-bin on user directories.
> I found > > > the following lines on the apache.org site,
> put them in, but > > > they didn't work: > > > > > >
> <Directory /home/*/public_html/cgi-bin> > > >     Options
> ExecCGI > > >  SetHandler cgi-script > > > </Directory> > >
> > > > > > > > Any other suggestions as to how to setup
> cgi-bin directories > > > for user accounts? > > > > > > > >
> > Thanks, > > > > > > Keith > > > > > >
> ####################################################### > >
> >                       Keith Elder > > >
> Email: keith@zorka.com > > >                 Phone:
> 1-734-507-1438 > > >  Text Messaging (145 characters):
> mobile@zorka.com > > > Web: http://www.zorka.com (Howto's,
> News, and hosting!) > > > > > >      "With enough memory and
> hard drive space > > >            anything in life is
> possible!" > > >
> ####################################################### > >
> > > > > > > > -- > > > To UNSUBSCRIBE, email to
> debian-isp-request@lists.debian.org > > > with a subject of
> "unsubscribe". Trouble? Contact > > >
> listmaster@lists.debian.org > > > > > > > > > -- > >    __ >
> >  .´  `. > >  : :' !  Enjoy > >  `. `´  Debian/GNU Linux >
> >    `- > > > > > > -- > > To UNSUBSCRIBE, email to
> debian-isp-request@lists.debian.org > > with a subject of
> "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> > > >
> ####################################################### >
>                    Keith Elder >                Email:
> keith@zorka.com >                 Phone: 1-734-507-1438 >
> Text Messaging (145 characters): mobile@zorka.com > Web:
> http://www.zorka.com (Howto's, News, and hosting!) > >
> "With enough memory and hard drive space >
> anything in life is possible!" >
> ####################################################### >
> http://www.zentek-international.com

--
   __
 .´  `.
 : :' !  Enjoy
 `. `´  Debian/GNU Linux
   `-

Reply to:

References:
- Re: Apache cgi-bin for users
  - From: "Jason Lim" <maillist@jasonlim.com>

Prev by Date: Re: Apache cgi-bin for users
Next by Date: Re: BIND exploited ?
Previous by thread: Re: Apache cgi-bin for users
Next by thread: Re: Apache cgi-bin for users
Index(es):
- Date
- Thread