[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apache tilde question - Solved

On Fri, Apr 17, 1998 at 03:04:28PM +1000, Hamish Moffatt wrote:
: On Thu, Apr 16, 1998 at 08:39:50PM -0400, Jason Costomiris wrote:
: > On Thu, Apr 16, 1998 at 12:28:01AM -0700, Tim Metz wrote:
: > : > ScriptAlias /~smith/cgi-bin/ /home/smith/public_html/cgi-bin/
: > 
: > You've got a bigger problem at work here.
: > Your cgi-bin dir is potentially readable by HTTP clients.  BAD.
: > Locate it somewhere else on the filesystem.
: 
: Could you explain why? I can't see it. ~smith/cgi-bin will be
: the only way to access the directory, so either they'll be executed
: or they'll be sent. Scripts have to be readable (as well as executable),
: of course.

Yes, but that directory is in the document tree.  Your /cgi-bin dir
isn't in the document tree.  Ever wonder why?

-- 
Jason Costomiris <><            | Linux...
jcostom@jasons.org              | "Find out what you've been missing 
http://www.jasons.org/~jcostom/ | while you've been rebooting Windows NT."
#include <disclaimer.h>         |         --Infoworld


--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: