[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Shared CGI-BIN - solved

Subject: Re: [cobalt-users] Shared CGI-BIN - solved
From: "Brandon Keim" <brandon@xxxxxxxxxxxxxx>
Date: Mon Jan 29 10:02:05 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

This didn't work for me.  I'm getting File Not Found.  I ran "httpd
restart", was that the proper command to restart apache?

Thanks,
Brandon Keim
WebXonline.com

----- Original Message -----
From: "Kul" <WebMaster@xxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Monday, January 29, 2001 3:50 PM
Subject: Re: [cobalt-users] Shared CGI-BIN - solved


> baltimoremd@xxxxxxxxxxxxxxx wrote:
>
> > I'd like to make available some cgi scripts to all users on a RaQ4 from
> > a shared area.  Search of the archives hasn't lead to much more that I
> > think it can be done.
> >
> > Would be interested in a solution that someone has done and/or knows
> > can be done.
> > Thanks
> > Thom
>
> Hi Thom, (and others, your wish is my command....)
>
> If I understand you correctly, you want a "cgi" directory that ANY user on
YOUR Raq can use (execute not read/write to/from)!
>
> I have a Raq3 and sometime back I looked into this very problem, nobody
could help so I SOLVED it myself.  With tips from others, a couple of hours,
many restarts, a few swear words, and 5 cups of coffee later it was done and
dusted.
> NOTE: I have a raq3, but highly suspect it is easily transferable to a 4 -
let us know if it goes ok?
>
> In your **httpd.conf** file, add the following line, then create directory
"cgi-pub" (use whatever you like) in the home site (could actually be any,
but home is probably best).   Make sure it **IS** in the "web" directory or
cgi-wrapper will go bananas and stop it working!  Ensure you create the
"cgi-pub" directory NOT as root or you can't upload the scripts (as I did -
Dohh) then ensure its chmod'ed correctly (see example below) (and its
containing scripts) - I found the admin user the best one to use as the
owner of the "cgi-pub" directory.
>
>     ScriptAlias /cgi-pub/ /home/sites/home/web/cgi-pub/
>
> Once you have added above line, restart 'httpd' (not sure if its the same
on raq4's as on 3's).
>
> !!AN IMPORTANT POINT TO NOTE!! (shouting is required <g>)
> If a Virtual Site does **NOT** have cgi access (from GUI) and they were to
call any of the scripts from their site, they will still be served the cgi
script, but as plain/text - They get to see the source, which could
obviously open up any security weaknesses.
> The way around this is easy, but involves a little more typing: Instead of
sticking the "ScriptAlias......" anywhere in the httpd.conf file, put it
inside EACH of the <VirtualHost> containers that have cgi access enabled,
and **NOT** elsewhere in the main httpd.conf file:
>
> <VirtualHost 123.456.789.012>
> ...bla..bla..bla...
> AddHandler cgi-wrapper .cgi
> AddHandler cgi-wrapper .pl
> ScriptAlias /cgi-pub/ /home/sites/home/web/cgi-pub/
> </VirtualHost>
>
> My details on my cgi-pub directory:
>     drwxr-x--x   2 admin    home         1024 Jan 19 23:24 cgi-pub
> and its contents:
>     drwxr-x--x   2 admin    home         1024 Jan 19 23:24 .
>     drwxrwsr-x  10 nobody   home         1024 Dec 02 05:32 ..
>     -rwxr-xr-x   1 admin    home         3754 Jan 19 23:24 a-script.cgi
>
> The virtual site can then call the script either of two ways:
> 1.    http://www.thevirtualhost.com/cgi-pub/a-script.cgi
> 2.    /cgi-pub/a-script.cgi
>
> This is what I do, and it works a treat (even if I do say so
myself...<self-congratulations>), preventing the other virtual hosts from
viewing the source code and still allowing them to use the scripts.  The
other bonus is that they don't have to go through the installation and all
that it invloves... you know, when they spend four hours to find out it
should have ftp'd in ASCII !! <g>
>
> With this solution you can make certain scripts globally available to
'selected' or 'all' virtual hosts !
> Avoid putting your site specific scripts in the same directory for obvious
reasons.
>
> Sorry if this sounds a little patronizing (NOT Intended), but wanted to
keep it simple and fully explained as others in the future may come across
it and find it useful !
>
> Hope this helps
>
> Regards
> Kul
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

Follow-Ups:
- Re: [cobalt-users] Shared CGI-BIN - solved
  - From: Mike Fritsch
- Re: [cobalt-users] Shared CGI-BIN - solved
  - From: Kul
- RE: [cobalt-users] Shared CGI-BIN - solved
  - From: Carrie Bartkowiak

References:
- [cobalt-users] Shared CGI-BIN
  - From: baltimoremd
- Re: [cobalt-users] Shared CGI-BIN - solved
  - From: Kul

Prev by Date: [cobalt-users] CmuImport Doesn't import the users to /etc/group ?
Next by Date: [cobalt-users] Monitor is already running
Previous by thread: [cobalt-users] Monitor is already running
Next by thread: Re: [cobalt-users] Shared CGI-BIN - solved

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index