[Date Prev][Date Next][Thread Prev][Thread Next]
[Search]
[Date Index]
[Thread Index]
Re: [MacPerl-WebCGI] Viewing a file inside a cgi-bin?
on 12/7/00 12:14 PM, Riccardo Perotti at perotti@pobox.com wrote:
> Hi all:
>
> I have a newbie problem:
>
> I wrote a guestbook script that writes to my "guestbook.htm" file. I put
> this file inside the cgi-bin so it could be written to, but now, obviously,
> nobody can view it and they get a 500 internal server error.
>
> What is the right way to do this? Should I put the .htm file outside the
> cgi-bin and set write permissions on it?
>
> Thanks,
>
> Riccardo Perotti
> --
> mailto:perotti@pobox.com
>
I'm stating this for UNIX based (apache) servers:
Directory setup on the server is greared to security.
Inside your ROOT directory are two directory's, all three of which are owed
(permission wise) by your HOST. The other two are CGI-BIN and HTDOCS (or
some other name for that directory that holds all your HTML files). Normally
you can only run scripts (.pl & .cgi) in the CGI-BIN with persission set to
755 (7 = read-write-execute for you. 5 = read & execute for anyone.) The
scripts can call or write a HTML file inside the CGI-BIN, but no one else
can. In fact when a script creates a directory or file, the persissions
belong to the script, not to you, ...I pulled a few hairs the first time
that happened to me! By the way, the best place to have your scripts write
to is a DATA directory inside your ROOT directory. As far as having the
outside word sign your guest book, you can use the following methods:
Call the CGI script directly; call an ACTION of the CGI script from a form
on a HTML page; or call an ACTION of the CGI script by using SSI (Server
Side Includes) to place your data where you want it on your HTML pages.
-chuck
==== Want to unsubscribe from this list?
==== Send mail with body "unsubscribe" to macperl-webcgi-request@macperl.org