
Re: [Sheflug] Trying to be a standalone server but failing



> > executable, for security reasons), they need to be chmod a+x (for a very
> > insecure CGI ;) and you need to make sure it is executed by the PERL
> > interpreter (i.e., #!/bin/perl , or something similar, must be the first
> > line of the program). Forget Apache, that's not where the problem is -
> > from the sounds of it, your httpd is working fine.
>
> To let users execute their own cgis you will have to set up suexec though,
> which may or may not be a headache depending on how the distros set
> things up these days.

As Chris said, it's not strictly necessary, but I've not come across a
distro that doesn't set it up in recent memory. To be honest, if you're
*that* worried about security (this only really affects user/user file
narfing; it doesn't close any security holes particularly, so it's only of
concern on a multi-user server anyway) you're going to know how to set up
all this stuff already. And I'd lay money that there'd be many much more
potentially serious security holes in the CGI itself (even Perl can be
insecure).

Just as an aside, has anyone any experience of TUX yet? If I have some spare
time I'm planning on downloading & playing with it. To me, it reminds me of
a number of other httpd's - one particular one did multiple connection
multiplexing, which meant it could do away with fork(), unlike many httpd
implementations (can't recall the name; I bet it's on freshmeat tho'). It'll
be interesting to see if it's a similar approach; it certainly sounds like
it.

Cheers,

Alex.
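
The checks named in the quoted advice (execute bit, interpreter on the first line), together with two permission conditions suexec enforces before it will run a user's script (not setuid/setgid, not writable by group or other), as an added example that is not part of the original message. The function name and verdict strings are made up for illustration.

```shell
#!/bin/sh
# audit_cgi FILE: print one verdict for a CGI script, return 0 only for "ok".
# Hypothetical helper written for this example; not from the thread or from Apache.
audit_cgi() {
    f=$1
    [ -f "$f" ] || { echo "not-a-file"; return 1; }

    # The first line must name the interpreter, e.g. "#!/bin/perl".
    first=
    IFS= read -r first < "$f" || :
    case $first in
        '#!'*) ;;
        *) echo "no-shebang"; return 1 ;;
    esac

    # A script saved with DOS line endings asks the kernel for "perl\r".
    cr=$(printf '\r')
    case $first in
        *"$cr") echo "crlf-shebang"; return 1 ;;
    esac

    # First word after "#!" is the interpreter path; it must exist and be executable.
    interp=$(printf '%s\n' "$first" | sed 's/^#![[:space:]]*//; s/[[:space:]].*$//')
    [ -x "$interp" ] || { echo "bad-interpreter"; return 1; }

    # Mode string from ls: char 1 is the type, 2-4 user, 5-7 group, 8-10 other.
    mode=$(ls -ld -- "$f" | cut -c1-10)
    case $mode in
        ???[!xs]*) echo "not-executable"; return 1 ;;   # owner has no execute bit
    esac
    case $mode in
        ???s*|??????s*) echo "setid"; return 1 ;;       # suexec refuses setuid/setgid targets
        ?????w*|????????w*) echo "writable-by-others"; return 1 ;;  # group/other write bit
    esac
    echo "ok"
}

# Stand-alone use: sh audit_cgi.sh path/to/script.cgi ...
for p in "$@"; do printf '%s: %s\n' "$p" "$(audit_cgi "$p")"; done
```
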

---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk