[cobalt-users] RE: Cgi-bin via admin acces denied, via root okay, via ftp okay.

["Nicolae" <nicolaep@xxxxxxxxxxxxxxxxxx>]

> Message: 14
> Date: Tue, 02 Apr 2002 08:23:15 -0500
> Subject: Re: [cobalt-users] RE: CGI-BIN chmod 711 and a slurpee with
> 	that...
> From: Olaf Alders <olaf@xxxxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
> 
> on 4/2/02 1:05 AM, Nicolae at nicolaep@xxxxxxxxxxxxxxxxxx wrote:
> 
> 
> >> 
> >> On Mon, 01 Apr 2002, Mark Middleton wrote:
> >>> I've searched the archives, and understand that the RAQs
> >> allow you to
> >>> run cgi scripts anywhere, and to just create a folder called 
> >>> "cgi-bin". However, now this folder is browse-able.
> >>> 
> >> 
> >> chmod the cgi-bin 711
> >> and chmod the cgi-files 711
> >> They can execute them BUT they can't read em.
> > 
> > Unless you hit scripts and such that want 755 access or 777 and you 
> > get scripts that also want 777 sub-directories in your cgi-bin.
> > 
> 
> Since the scripts run under the cgi wrapper you can almost 
> always get away with running them under chmod 700.  I have 
> hundreds of scripts running with 700 permissions that create 
> files, directories etc no problem.

I changed mine to 711 because I had issues with 2 cgi-scripts
now I can get into cgi-bin but I cannot "ls" list the stuff
access denied.

[admin cgi-bin]$ ls
ls: .: Permission denied

----
drwx--x--x  10 grouphere home         1024 Mar 17 00:59 cgi-bin
----

Although I can login via FTP and browse the directory fine.
Just fine... 

> If I'm not mistaken, you should be able to run your cgis out 
> of any web folder on an XTR.  To stop the folder from being 
> browsed, add an .htaccess file that contains the following:
> 
> Options -Indexes
> 
> That should pretty much take care of things.
> 
> Olaf