[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Shared CGI-BIN - solved

Subject: Re: [cobalt-users] Shared CGI-BIN - solved
From: "Mike Fritsch" <mfritsch@xxxxxxxxxxxx>
Date: Mon Jan 29 10:30:04 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

To restart apache do:

/etc/rc.d/init.d/httpd restart

Make sure you are logged in as root.


Mike
----- Original Message -----
From: "Brandon Keim" <brandon@xxxxxxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Monday, January 29, 2001 2:51 AM
Subject: Re: [cobalt-users] Shared CGI-BIN - solved


> This didn't work for me.  I'm getting File Not Found.  I ran "httpd
> restart", was that the proper command to restart apache?
>
> Thanks,
> Brandon Keim
> WebXonline.com
>
> ----- Original Message -----
> From: "Kul" <WebMaster@xxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Sent: Monday, January 29, 2001 3:50 PM
> Subject: Re: [cobalt-users] Shared CGI-BIN - solved
>
>
> > baltimoremd@xxxxxxxxxxxxxxx wrote:
> >
> > > I'd like to make available some cgi scripts to all users on a RaQ4
from
> > > a shared area.  Search of the archives hasn't lead to much more that I
> > > think it can be done.
> > >
> > > Would be interested in a solution that someone has done and/or knows
> > > can be done.
> > > Thanks
> > > Thom
> >
> > Hi Thom, (and others, your wish is my command....)
> >
> > If I understand you correctly, you want a "cgi" directory that ANY user
on
> YOUR Raq can use (execute not read/write to/from)!
> >
> > I have a Raq3 and sometime back I looked into this very problem, nobody
> could help so I SOLVED it myself.  With tips from others, a couple of
hours,
> many restarts, a few swear words, and 5 cups of coffee later it was done
and
> dusted.
> > NOTE: I have a raq3, but highly suspect it is easily transferable to a
4 -
> let us know if it goes ok?
> >
> > In your **httpd.conf** file, add the following line, then create
directory
> "cgi-pub" (use whatever you like) in the home site (could actually be any,
> but home is probably best).   Make sure it **IS** in the "web" directory
or
> cgi-wrapper will go bananas and stop it working!  Ensure you create the
> "cgi-pub" directory NOT as root or you can't upload the scripts (as I
did -
> Dohh) then ensure its chmod'ed correctly (see example below) (and its
> containing scripts) - I found the admin user the best one to use as the
> owner of the "cgi-pub" directory.
> >
> >     ScriptAlias /cgi-pub/ /home/sites/home/web/cgi-pub/
> >
> > Once you have added above line, restart 'httpd' (not sure if its the
same
> on raq4's as on 3's).
> >
> > !!AN IMPORTANT POINT TO NOTE!! (shouting is required <g>)
> > If a Virtual Site does **NOT** have cgi access (from GUI) and they were
to
> call any of the scripts from their site, they will still be served the cgi
> script, but as plain/text - They get to see the source, which could
> obviously open up any security weaknesses.
> > The way around this is easy, but involves a little more typing: Instead
of
> sticking the "ScriptAlias......" anywhere in the httpd.conf file, put it
> inside EACH of the <VirtualHost> containers that have cgi access enabled,
> and **NOT** elsewhere in the main httpd.conf file:
> >
> > <VirtualHost 123.456.789.012>
> > ...bla..bla..bla...
> > AddHandler cgi-wrapper .cgi
> > AddHandler cgi-wrapper .pl
> > ScriptAlias /cgi-pub/ /home/sites/home/web/cgi-pub/
> > </VirtualHost>
> >
> > My details on my cgi-pub directory:
> >     drwxr-x--x   2 admin    home         1024 Jan 19 23:24 cgi-pub
> > and its contents:
> >     drwxr-x--x   2 admin    home         1024 Jan 19 23:24 .
> >     drwxrwsr-x  10 nobody   home         1024 Dec 02 05:32 ..
> >     -rwxr-xr-x   1 admin    home         3754 Jan 19 23:24 a-script.cgi
> >
> > The virtual site can then call the script either of two ways:
> > 1.    http://www.thevirtualhost.com/cgi-pub/a-script.cgi
> > 2.    /cgi-pub/a-script.cgi
> >
> > This is what I do, and it works a treat (even if I do say so
> myself...<self-congratulations>), preventing the other virtual hosts from
> viewing the source code and still allowing them to use the scripts.  The
> other bonus is that they don't have to go through the installation and all
> that it invloves... you know, when they spend four hours to find out it
> should have ftp'd in ASCII !! <g>
> >
> > With this solution you can make certain scripts globally available to
> 'selected' or 'all' virtual hosts !
> > Avoid putting your site specific scripts in the same directory for
obvious
> reasons.
> >
> > Sorry if this sounds a little patronizing (NOT Intended), but wanted to
> keep it simple and fully explained as others in the future may come across
> it and find it useful !
> >
> > Hope this helps
> >
> > Regards
> > Kul
> >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users

References:
- [cobalt-users] Shared CGI-BIN
  - From: baltimoremd
- Re: [cobalt-users] Shared CGI-BIN - solved
  - From: Kul
- Re: [cobalt-users] Shared CGI-BIN - solved
  - From: Brandon Keim

Prev by Date: [cobalt-users] DHCP lease file on Qube3
Next by Date: RE: [cobalt-users] cron.hourly
Previous by thread: Re: [cobalt-users] Shared CGI-BIN - solved
Next by thread: Re: [cobalt-users] Shared CGI-BIN - solved

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index