On Fri, May 26, 2006 at 03:02:04PM -0700, Chris Cappuccio wrote:
> Joachim Schipper [EMAIL PROTECTED] wrote:
> > On Fri, May 26, 2006 at 11:21:54PM +0200, misiu wrote:
> > > Tony Abernethy schrieb:
> > >
> > > >The problem with a changed root is that everything you will ever
> > > >need to access needs to be inside this changed root.
> > > >All the libriaries, etc etc --- that's right, another copy.
> > > >
> > > >One advantage of OpenBSD is that they actually understand security.
> > > >(Most that tries to pass for security ... isn't (bluntly))
> > > Tanx,
> > >
> > > so if I understand it right, I need to copy /var/www/cgi-bin into
> > > /var/www/htdocs.
> >
> > Erm, no.
> >
> > Say I write a Perl CGI script. I'd then need to copy /usr/bin/perl into
> > the chroot (i.e., to /var/www/usr/bin/perl). Of course, perl would fail
> > to start, as the perl executable is dynamically linked and thus
> > dependent on quite a few things.
> > <list of such things>
>
> Or you could run mod_perl
Yes, but that would neither be as instructive nor a proper solution, as
you'd still require some perl include files, and most likely some
external programs as well.
Of course, mod_perl is a good idea for the fact that it's much faster
than regular CGI. Though there are other solutions to that, from caching
proxies to FastCGI.
Joachim
