----- Original Message ----- From: "Nicholas Elliott" <[EMAIL PROTECTED]> To: "Benjamin Pflugmann" <[EMAIL PROTECTED]>; "Brent Bailey" <[EMAIL PROTECTED]> Cc: "Octavian Rasnita" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, December 26, 2002 4:17 PM Subject: Re: Hiding the password
> Does the CGI-script need to be world-readable, or just world- > executable? All my perl CGI scripts are set up that way, so while > anyone can run it, only I can read the source code.... What manner of http daemon do you have running that allows "chmod 111" Perl CGI scripts to run? At the very least, the shebang-line needs to be read from the CGI. I tested it, and my test-CGI, according to my expectation, gives a "Permission denied" on a chmod 111 script. And I would be more worried if it behaved differently. And if you set ownership to the the Perl scripts to the "nobody" user (and run "chmod 551", for instance), then still everyone with access to running pages on your web-daemon, will also have read-access to your Perl CGI scripts. Or am I missing something? - Mark --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php