
Re: [cobalt-users] RaQ3i CGI and CgiWrap together?



At 02:30 PM 3/11/00 -0500, you wrote:

If I add pl-safe as a perl extension, how can I prevent my
users from uploading files as pl-safe, i.e.,

MyDoamin.com/cgiuser/Count.pl-safe      Would work for everyone
UsersDomain.com/cgiuser/Count.pl-safe   Would Work for everyone

UsersDomain.com/cgi-bin/Script.pl-safe  Would not run.
UsersDomain.com/cgi-bin/Script.pl       Would run under the wrap

Bill,

I just wrote a complete set of instructions for implementing separate "cgi-bin" and "cgi-local" directories on a Cobalt Raq. The "cgi-bin" directory would point towards known "safe" cgi programs that you install for your customers, and each customer would have his own "cgi-local" directory in which to install his/her own cgi programs to run under cgi-wrapper.

After writing it (I spent several hours on it, referring extensively to The "Apache Server Bible", Mohammed J. Kabir, IDG Books, 1998), I decided I could NOT in good faith post it to the list or even send it to you privately. Why?

Because it's NOT been tested on any Cobalt product. Because it probably will (without a lot of tweaking) completely destroy the cobalt web-based gui interface.

Because I'm letting myself into a world of hurt if I release it, both to my wallet (when I'm sued) and to my reputation.

So I can't tell you how to do it, except to say it's not easy.

If you or anyone else has a RaQ that is NOT in production to let me experiment on, I think this would be a wonderful addition to what the RaQ does, but I can't afford a RaQ just for experimental purposes.

I don't mean you should send me the RaQ (although that would make life a bit easier); I can and will do this over the net.

But I need a virgin RaQ with its own IP# (I can point a test domain or domains to it) and a bunch of time.

Then, I MAY be able to come up with something that works and doesn't break the RaQ interface (or at least doesn't break it so badly as to incapacitate the system).

I suppose if someone is nice enough to let me do this, I'd have to release whatever I do into open-source; I'm willing to do that even though I'll lose literally billions of dollars in consulting revenue <wild-grin>.

Jeff

--
Jeff Lasman <jblists@xxxxxxxxxxxxx>