On Fri, Mar 14, 2014 at 7:01 PM, Jerry Stuckle <jstuckle@attglobal.net> wrote:
On 3/14/2014 9:20 PM, Peter Michaux wrote:
Hi,
The default virtual host when Apache is installed on Debian has
document root /var/www and a cgi-bin directory /usr/lib/cgi-bin. These
directories do not make intuitive sense to me. If I have static HTML
pages and some Perl CGI scripts, I would expect they go somewhere
under /usr/share/. What is the rational behind the chosen default
directories?
Thanks,
Peter
No way would I want a web user to have access to what's in /usr/share. It
would be a huge security exposure to allow a website user access to other
files in the directory.
How would access to one directory allow access to other directories in
/usr/share ?
If access to a subdirectory of /usr/share is a concern then doesn't
access to /usr/lib/cgi-bin cause the same concern for /usr/lib ?
Peter