On Thu, Apr 16, 1998 at 08:39:50PM -0400, Jason Costomiris wrote: > On Thu, Apr 16, 1998 at 12:28:01AM -0700, Tim Metz wrote: > : > ScriptAlias /~smith/cgi-bin/ /home/smith/public_html/cgi-bin/ > > You've got a bigger problem at work here. > Your cgi-bin dir is potentially readable by HTTP clients. BAD. > Locate it somewhere else on the filesystem.
Could you explain why? I can't see it. ~smith/cgi-bin will be the only way to access the directory, so either they'll be executed or they'll be sent. Scripts have to be readable (as well as executable), of course. thanks, Hamish -- Hamish Moffatt, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Latest Debian packages at ftp://ftp.rising.com.au/pub/hamish. PGP#EFA6B9D5 CCs of replies from mailing lists are welcome. http://hamish.home.ml.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
