Re: Apache cgi-bin for users
OK, several things on this subject. Addhandler cgi-script .cgi .pl (1) and ScriptAlias (2) are two different concepts for allowing binaries to be executed. Approach 1 will allow the execution of binaries based on their extension (.cgi and .pl here) regardless of where they are found. That includes the DocumentRoot directory and is usually thought to be somewhat insecure. Approch 2 will allow execution of binaries in a particular directory (as long as the bins are flagged 755 executable) SInce I prefer this, I will comment on this only. The cgi-bin part of www.domain.com/cgi-bin/ will be mapped to a directory somewhere in your filesystem. Wether this direcory is (write-)accessable via FTP etc to your customers is under your control. You can have several cgi-executable directories. A common way of setting up Apacher would be the following. (To keep it simple I left out several options I usually add) Set up a directory structure like this: /www/domain01.com/htdocs/ /www/domain01.com/cgi-bin/ /www/domain01.com/logs/ /www/domain02.com/htdocs/ /www/domain02.com/cgi-bin/ /www/domain02.com/logs/ etc. htdocs will be the directory to hold your customers uploadable html file etc. cgi-bin will have your pre-installed cgi-scripts (perl, binaries, shellscripts whatever) and logs, well, will have the apache log files. Now configure your Apache virtual hosts like this: VirtualHost your.ip.here ServerAdmin [EMAIL PROTECTED] DocumentRoot /www/domain01.com/htdocs/ DirectoryIndex index.php4 index.php3 index.html ServerName www.domain01.com ServerAlias domain01.com # Where the logfiles go: ErrorLog /www/domain01.com/log/errors CustomLog /www/domain01.com/log/access combined # www.domain01.com/cgi-bin ScriptAlias /cgi-bin /www/domain01/cgi-bin # For common cgi scripts not editable by customers # you might want to add: ScriptAlias /common-cgi /www/whatever/common-cgi # /www/whatever/common-cgi should be filled # with something useful certainly. Access as # http://www.domainXX.com/common-cgi/script.pl Directory /www/domain01.com # Tweak this to your needs: Options Includes FollowSymLinks # Allow customers to change options # within .htaccess files: AllowOverride All /Directory /VirtualHost For FTP access make /www/domain01.com/ the home (changerooted!) directory. Please note customers might be able to edit/remove logfiles with this config. In case you depend on the logs, make sure you take precautions here. Set the proper userid / rights etc. If you do not want customers to upload binaries to cgi-bin, either change the ftp home dir to /www/domain01.com/htdocs/ remove the cgi-bin config options and directory. For a real life setup with customers having several domains etc. you will certainly have a more complex directory structure like /www/customerid/domainname/ and several FTP logins etc. Hope that helps for a start. Cheers, Marcel Keith Elder [EMAIL PROTECTED] 3 Jan 2002, at 16:36: Thanks Marcel, Let me restate what it was I was asking just to clarify my situation. If anyone has any input, by all means annie up. What I am trying to do is setup the server so users in /home/*/ can execute CGI programs on their personal web pages on this particular machine. I found a reference in the apache admin guide I have and the apache site which say to put the following in the httpd.conf: Directory /home/*/public_html/cgi-bin Options ExecCGI Addhandler cgi-script .cgi .pl /Directory I have done that, but I still cannot make the following work: http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. Anything else I can try? Keith * Marcel Hicking ([EMAIL PROTECTED]) wrote: From: Marcel Hicking [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Thu, 3 Jan 2002 19:08:32 +0100 Subject: Re: Apache cgi-bin for users Reply-to: [EMAIL PROTECTED] X-mailer: Pegasus Mail for Win32 (v3.12c) ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalia s Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.html or better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Directory /home/*/public_html/cgi-bin Options ExecCGI SetHandler cgi-script /Directory
Re: Apache cgi-bin for users
Go for CGIWrap. CGIWrap is a gateway program that allows general users to use CGIscripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail http://cgiwrap.unixtools.org/ Cheers, Marcel Jason Lim [EMAIL PROTECTED] 4 Jan 2002, at 6:04: While I've never run things from /home/*/public_html/cgi-bin/somethinghere.cgi, we've always had to recompile suexec to get things working. suexec has hard-compiled in the allowed directory, so you'd need to recompile that to get some other directory to work. I suggest you try that. Sincerely, Jason - Original Message - From: Keith Elder [EMAIL PROTECTED] To: Marcel Hicking [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, January 04, 2002 5:36 AM Subject: Re: Apache cgi-bin for users Thanks Marcel, Let me restate what it was I was asking just to clarify my situation. If anyone has any input, by all means annie up. What I am trying to do is setup the server so users in /home/*/ can execute CGI programs on their personal web pages on this particular machine. I found a reference in the apache admin guide I have and the apache site which say to put the following in the httpd.conf: Directory /home/*/public_html/cgi-bin Options ExecCGI Addhandler cgi-script .cgi .pl /Directory I have done that, but I still cannot make the following work: http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. Anything else I can try? Keith* Marcel Hicking ([EMAIL PROTECTED]) wrote: From: Marcel Hicking [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Thu, 3 Jan 2002 19:08:32 +0100 Subject: Re: Apache cgi-bin for users Reply-to: [EMAIL PROTECTED] X-mailer: Pegasus Mail for Win32 (v3.12c) ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.htmlor better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I foundthe following lines on the apache.org site, put them in, butthey didn't work: Directory /home/*/public_html/cgi-binOptions ExecCGI SetHandler cgi-script/Directory Any other suggestions as to how to setup cgi-bin directoriesfor user accounts? Thanks, Keith ### Keith Elder Email: [EMAIL PROTECTED]Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED]Web: http://www.zorka.com (Howto's, News, and hosting!)With enough memory and hard drive space anything in life is possible! ### --To UNSUBSCRIBE, email to [EMAIL PROTECTED]with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- __ .´ `.: :' ! Enjoy`. `´ Debian/GNU Linux `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### http://www.zentek-international.com -- __ .´ `. : :' ! Enjoy `. `´ Debian/GNU Linux `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apache cgi-bin for users
On Thu, Jan 03, 2002 at 04:36:19PM -0500, Keith Elder wrote: [snip] http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. [snip] Just a thought, but what does your test.cgi look like? You could try the following script: -- 8 -- #!/bin/sh echo -en Content-type: text/plain\r\n echo -en \r\n echo -en Hello World!\r\n -- 8 -- That error implies that you don't have a blank line after your HTTP headers or something. -- Michael Wood [EMAIL PROTECTED]
Re: Apache cgi-bin for users
OK, several things on this subject. Addhandler cgi-script .cgi .pl (1) and ScriptAlias (2) are two different concepts for allowing binaries to be executed. Approach 1 will allow the execution of binaries based on their extension (.cgi and .pl here) regardless of where they are found. That includes the DocumentRoot directory and is usually thought to be somewhat insecure. Approch 2 will allow execution of binaries in a particular directory (as long as the bins are flagged 755 executable) SInce I prefer this, I will comment on this only. The cgi-bin part of www.domain.com/cgi-bin/ will be mapped to a directory somewhere in your filesystem. Wether this direcory is (write-)accessable via FTP etc to your customers is under your control. You can have several cgi-executable directories. A common way of setting up Apacher would be the following. (To keep it simple I left out several options I usually add) Set up a directory structure like this: /www/domain01.com/htdocs/ /www/domain01.com/cgi-bin/ /www/domain01.com/logs/ /www/domain02.com/htdocs/ /www/domain02.com/cgi-bin/ /www/domain02.com/logs/ etc. htdocs will be the directory to hold your customers uploadable html file etc. cgi-bin will have your pre-installed cgi-scripts (perl, binaries, shellscripts whatever) and logs, well, will have the apache log files. Now configure your Apache virtual hosts like this: VirtualHost your.ip.here ServerAdmin [EMAIL PROTECTED] DocumentRoot /www/domain01.com/htdocs/ DirectoryIndex index.php4 index.php3 index.html ServerName www.domain01.com ServerAlias domain01.com # Where the logfiles go: ErrorLog /www/domain01.com/log/errors CustomLog /www/domain01.com/log/access combined # www.domain01.com/cgi-bin ScriptAlias /cgi-bin /www/domain01/cgi-bin # For common cgi scripts not editable by customers # you might want to add: ScriptAlias /common-cgi /www/whatever/common-cgi # /www/whatever/common-cgi should be filled # with something useful certainly. Access as # http://www.domainXX.com/common-cgi/script.pl Directory /www/domain01.com # Tweak this to your needs: Options Includes FollowSymLinks # Allow customers to change options # within .htaccess files: AllowOverride All /Directory /VirtualHost For FTP access make /www/domain01.com/ the home (changerooted!) directory. Please note customers might be able to edit/remove logfiles with this config. In case you depend on the logs, make sure you take precautions here. Set the proper userid / rights etc. If you do not want customers to upload binaries to cgi-bin, either change the ftp home dir to /www/domain01.com/htdocs/ remove the cgi-bin config options and directory. For a real life setup with customers having several domains etc. you will certainly have a more complex directory structure like /www/customerid/domainname/ and several FTP logins etc. Hope that helps for a start. Cheers, Marcel Keith Elder [EMAIL PROTECTED] 3 Jan 2002, at 16:36: Thanks Marcel, Let me restate what it was I was asking just to clarify my situation. If anyone has any input, by all means annie up. What I am trying to do is setup the server so users in /home/*/ can execute CGI programs on their personal web pages on this particular machine. I found a reference in the apache admin guide I have and the apache site which say to put the following in the httpd.conf: Directory /home/*/public_html/cgi-bin Options ExecCGI Addhandler cgi-script .cgi .pl /Directory I have done that, but I still cannot make the following work: http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. Anything else I can try? Keith * Marcel Hicking ([EMAIL PROTECTED]) wrote: From: Marcel Hicking [EMAIL PROTECTED] To: debian-isp@lists.debian.org Date: Thu, 3 Jan 2002 19:08:32 +0100 Subject: Re: Apache cgi-bin for users Reply-to: [EMAIL PROTECTED] X-mailer: Pegasus Mail for Win32 (v3.12c) ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalia s Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.html or better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Directory /home/*/public_html/cgi-bin Options ExecCGI SetHandler cgi-script
Re: Apache cgi-bin for users
Go for CGIWrap. CGIWrap is a gateway program that allows general users to use CGIscripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail http://cgiwrap.unixtools.org/ Cheers, Marcel Jason Lim [EMAIL PROTECTED] 4 Jan 2002, at 6:04: While I've never run things from /home/*/public_html/cgi-bin/somethinghere.cgi, we've always had to recompile suexec to get things working. suexec has hard-compiled in the allowed directory, so you'd need to recompile that to get some other directory to work. I suggest you try that. Sincerely, Jason - Original Message - From: Keith Elder [EMAIL PROTECTED] To: Marcel Hicking [EMAIL PROTECTED] Cc: debian-isp@lists.debian.org Sent: Friday, January 04, 2002 5:36 AM Subject: Re: Apache cgi-bin for users Thanks Marcel, Let me restate what it was I was asking just to clarify my situation. If anyone has any input, by all means annie up. What I am trying to do is setup the server so users in /home/*/ can execute CGI programs on their personal web pages on this particular machine. I found a reference in the apache admin guide I have and the apache site which say to put the following in the httpd.conf: Directory /home/*/public_html/cgi-bin Options ExecCGI Addhandler cgi-script .cgi .pl /Directory I have done that, but I still cannot make the following work: http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. Anything else I can try? Keith* Marcel Hicking ([EMAIL PROTECTED]) wrote: From: Marcel Hicking [EMAIL PROTECTED] To: debian-isp@lists.debian.org Date: Thu, 3 Jan 2002 19:08:32 +0100 Subject: Re: Apache cgi-bin for users Reply-to: [EMAIL PROTECTED] X-mailer: Pegasus Mail for Win32 (v3.12c) ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.htmlor better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I foundthe following lines on the apache.org site, put them in, butthey didn't work: Directory /home/*/public_html/cgi-binOptions ExecCGI SetHandler cgi-script/Directory Any other suggestions as to how to setup cgi-bin directoriesfor user accounts? Thanks, Keith ### Keith Elder Email: [EMAIL PROTECTED]Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED]Web: http://www.zorka.com (Howto's, News, and hosting!)With enough memory and hard drive space anything in life is possible! ### --To UNSUBSCRIBE, email to [EMAIL PROTECTED]with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- __ .´ `.: :' ! Enjoy`. `´ Debian/GNU Linux `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### http://www.zentek-international.com -- __ .´ `. : :' ! Enjoy `. `´ Debian/GNU Linux `-
Re: Apache cgi-bin for users
ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.html or better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Directory /home/*/public_html/cgi-bin Options ExecCGI SetHandler cgi-script /Directory Any other suggestions as to how to setup cgi-bin directories for user accounts? Thanks, Keith ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- __ .´ `. : :' ! Enjoy `. `´ Debian/GNU Linux `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apache cgi-bin for users
Thanks Marcel, Let me restate what it was I was asking just to clarify my situation. If anyone has any input, by all means annie up. What I am trying to do is setup the server so users in /home/*/ can execute CGI programs on their personal web pages on this particular machine. I found a reference in the apache admin guide I have and the apache site which say to put the following in the httpd.conf: Directory /home/*/public_html/cgi-bin Options ExecCGI Addhandler cgi-script .cgi .pl /Directory I have done that, but I still cannot make the following work: http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. Anything else I can try? Keith * Marcel Hicking ([EMAIL PROTECTED]) wrote: From: Marcel Hicking [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Thu, 3 Jan 2002 19:08:32 +0100 Subject: Re: Apache cgi-bin for users Reply-to: [EMAIL PROTECTED] X-mailer: Pegasus Mail for Win32 (v3.12c) ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.html or better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Directory /home/*/public_html/cgi-bin Options ExecCGI SetHandler cgi-script /Directory Any other suggestions as to how to setup cgi-bin directories for user accounts? Thanks, Keith ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- __ .´ `. : :' ! Enjoy `. `´ Debian/GNU Linux `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apache cgi-bin for users
While I've never run things from /home/*/public_html/cgi-bin/somethinghere.cgi, we've always had to recompile suexec to get things working. suexec has hard-compiled in the allowed directory, so you'd need to recompile that to get some other directory to work. I suggest you try that. Sincerely, Jason - Original Message - From: Keith Elder [EMAIL PROTECTED] To: Marcel Hicking [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, January 04, 2002 5:36 AM Subject: Re: Apache cgi-bin for users Thanks Marcel, Let me restate what it was I was asking just to clarify my situation. If anyone has any input, by all means annie up. What I am trying to do is setup the server so users in /home/*/ can execute CGI programs on their personal web pages on this particular machine. I found a reference in the apache admin guide I have and the apache site which say to put the following in the httpd.conf: Directory /home/*/public_html/cgi-bin Options ExecCGI Addhandler cgi-script .cgi .pl /Directory I have done that, but I still cannot make the following work: http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. Anything else I can try? Keith * Marcel Hicking ([EMAIL PROTECTED]) wrote: From: Marcel Hicking [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Thu, 3 Jan 2002 19:08:32 +0100 Subject: Re: Apache cgi-bin for users Reply-to: [EMAIL PROTECTED] X-mailer: Pegasus Mail for Win32 (v3.12c) ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.html or better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Directory /home/*/public_html/cgi-bin Options ExecCGI SetHandler cgi-script /Directory Any other suggestions as to how to setup cgi-bin directories for user accounts? Thanks, Keith ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- __ .´ `. : :' ! Enjoy `. `´ Debian/GNU Linux `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### http://www.zentek-international.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apache cgi-bin for users
ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.html or better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Directory /home/*/public_html/cgi-bin Options ExecCGI SetHandler cgi-script /Directory Any other suggestions as to how to setup cgi-bin directories for user accounts? Thanks, Keith ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- __ .´ `. : :' ! Enjoy `. `´ Debian/GNU Linux `-
Re: Apache cgi-bin for users
Thanks Marcel, Let me restate what it was I was asking just to clarify my situation. If anyone has any input, by all means annie up. What I am trying to do is setup the server so users in /home/*/ can execute CGI programs on their personal web pages on this particular machine. I found a reference in the apache admin guide I have and the apache site which say to put the following in the httpd.conf: Directory /home/*/public_html/cgi-bin Options ExecCGI Addhandler cgi-script .cgi .pl /Directory I have done that, but I still cannot make the following work: http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. Anything else I can try? Keith * Marcel Hicking ([EMAIL PROTECTED]) wrote: From: Marcel Hicking [EMAIL PROTECTED] To: debian-isp@lists.debian.org Date: Thu, 3 Jan 2002 19:08:32 +0100 Subject: Re: Apache cgi-bin for users Reply-to: [EMAIL PROTECTED] X-mailer: Pegasus Mail for Win32 (v3.12c) ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.html or better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Directory /home/*/public_html/cgi-bin Options ExecCGI SetHandler cgi-script /Directory Any other suggestions as to how to setup cgi-bin directories for user accounts? Thanks, Keith ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- __ .´ `. : :' ! Enjoy `. `´ Debian/GNU Linux `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ###
Re: Apache cgi-bin for users
While I've never run things from /home/*/public_html/cgi-bin/somethinghere.cgi, we've always had to recompile suexec to get things working. suexec has hard-compiled in the allowed directory, so you'd need to recompile that to get some other directory to work. I suggest you try that. Sincerely, Jason - Original Message - From: Keith Elder [EMAIL PROTECTED] To: Marcel Hicking [EMAIL PROTECTED] Cc: debian-isp@lists.debian.org Sent: Friday, January 04, 2002 5:36 AM Subject: Re: Apache cgi-bin for users Thanks Marcel, Let me restate what it was I was asking just to clarify my situation. If anyone has any input, by all means annie up. What I am trying to do is setup the server so users in /home/*/ can execute CGI programs on their personal web pages on this particular machine. I found a reference in the apache admin guide I have and the apache site which say to put the following in the httpd.conf: Directory /home/*/public_html/cgi-bin Options ExecCGI Addhandler cgi-script .cgi .pl /Directory I have done that, but I still cannot make the following work: http://yourdomain.com/~username/cgi-bin/test.cgi When this page is run, I get premature end of headers in the error.log file. I thought this would be fairly simple but it is turning out to be a headache. Anything else I can try? Keith * Marcel Hicking ([EMAIL PROTECTED]) wrote: From: Marcel Hicking [EMAIL PROTECTED] To: debian-isp@lists.debian.org Date: Thu, 3 Jan 2002 19:08:32 +0100 Subject: Re: Apache cgi-bin for users Reply-to: [EMAIL PROTECTED] X-mailer: Pegasus Mail for Win32 (v3.12c) ScriptAlias /cgi-bin/ /path/to/customers/cgi-bin/ See http://httpd.apache.org/docs/mod/mod_alias.html#scriptalias Please make really(!) sure what security implications it has to allow not trustworthy people (customers ;-) to run programms on _your_ server. Hint: Look for cgi-wrap and changeroot. http://httpd.apache.org/docs-2.0/misc/security_tips.html http://httpd.apache.org/docs-2.0/suexec.html or better http://wwwcgi.umr.edu/~cgiwrap/ Cheers, Marcel Keith Elder [EMAIL PROTECTED] 31 Dec 2001, at 17:31: Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Directory /home/*/public_html/cgi-bin Options ExecCGI SetHandler cgi-script /Directory Any other suggestions as to how to setup cgi-bin directories for user accounts? Thanks, Keith ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- __ .´ `. : :' ! Enjoy `. `´ Debian/GNU Linux `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] ### Keith Elder Email: [EMAIL PROTECTED] Phone: 1-734-507-1438 Text Messaging (145 characters): [EMAIL PROTECTED] Web: http://www.zorka.com (Howto's, News, and hosting!) With enough memory and hard drive space anything in life is possible! ### http://www.zentek-international.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]