On Fri, May 26, 2006 at 03:02:04PM -0700, Chris Cappuccio wrote: > Joachim Schipper [EMAIL PROTECTED] wrote: > > On Fri, May 26, 2006 at 11:21:54PM +0200, misiu wrote: > > > Tony Abernethy schrieb: > > > > > > >The problem with a changed root is that everything you will ever > > > >need to access needs to be inside this changed root. > > > >All the libriaries, etc etc --- that's right, another copy. > > > > > > > >One advantage of OpenBSD is that they actually understand security. > > > >(Most that tries to pass for security ... isn't (bluntly)) > > > Tanx, > > > > > > so if I understand it right, I need to copy /var/www/cgi-bin into > > > /var/www/htdocs. > > > > Erm, no. > > > > Say I write a Perl CGI script. I'd then need to copy /usr/bin/perl into > > the chroot (i.e., to /var/www/usr/bin/perl). Of course, perl would fail > > to start, as the perl executable is dynamically linked and thus > > dependent on quite a few things. > > <list of such things> > > Or you could run mod_perl
Yes, but that would neither be as instructive nor a proper solution, as you'd still require some perl include files, and most likely some external programs as well. Of course, mod_perl is a good idea for the fact that it's much faster than regular CGI. Though there are other solutions to that, from caching proxies to FastCGI. Joachim