Re: enabling suexec with debian apache [solved]
> And how can you set up /home/<user>/cgi-bin to be web-executable if you
> cannot describe it with a web url?
that's what aliases and scriptaliases are for. you would put in their
virtualhost config (or just change the pathing cgiwrap's source) something
like this:
ScriptAlias /cgi-bin/ /home/user/cgi-bin/
think about it, debian's default cgi-bin isn't describable with a url. the
doc root is /var/www and the default cgi-bin is /usr/lib/cgi-bin.
> - how can I protect data files from being read from the filesystem,
> which should be readable from the web, but only after authentication?
> Since they should be http-served, they should be world-readable... Then
> how can I prevent anyone from reading them on the webserver system
> itself?
what we do is have the doc root setup like this:
ryumin(larry)$ ls -ld /var/www
drwxr-s--- 22 root wwwroot 28672 Dec 27 11:25 /var/www
and have the user the web server runs as setup like this:
ryumin(larry)$ groups www-data
www-data wwwroot
that way the web server can read files from inside /var/www but no one else
can unless they are in the wwwroot group.
adam.
Reply to: