> Hi David and thanks
> 
> True 755 is required for both read and execute by the group and world.
> 
> But all the directories and html code in my home site are all 744. I
> have the cgi-bin folder on 711 as that I thought (under Apache anyway)
> was supposedly only accessible by the owner but the world 
> also required
> execute to be able to execute a script read out by the owner.

> 
> http://www.cabonnecreations.com.au/cgibin/test1.cgi is a 711 
> file and is
> under that same 711 cgi-bin folder and it works! I am not logging
> directly into this site though. I am setting default as it were from a
> remote node. I can only ftp as owner!

 
> More thought required here. That code I sent also fails if I call it
> from a form loaded from the site. So I think there is more that just
> basic Unix permissions involved here.

Yes, it is controlled by apache. When the cgi-script is run, it is run at
the user set in the apache config file:
--
# User/Group: The name (or #number) of the user/group to run httpd as.
#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
#  . On HPUX you may not be able to use shared memory as nobody, and the
#    suggested workaround is to create a user www and use that user.
#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
#  when the value of (unsigned)Group is above 60000;
#  don't use Group #-1 on these systems!
#
User apache_user
Group apache_grp
--

So even if you have a cgi script with perms 700, you can still run the
script from a browser because it runs a 'apache_user'

>
> 


-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to