HomeBuilding Your WebsiteServer Management

CGI security questions regarding Apache 2.0/WinXP...

CheeseMan posted this at 00:39 — 15th April 2004.

They have: 12 posts

Joined: Apr 2004

Hello

I was just wondering if there is anything I need to be concerned about with running user accounts directly under the cgi-bin directory of Apache 2.0 on Windows XP as shown below...

/cgi-bin/Steve/...Steve's scripts
/cgi-bin/Tom/ ...Tom's scripts
/cgi-bin/Kathy/...Kathy's scripts

I've tried aliasing and using cgiEXEC/execCGI (or whatever it's called) and even did some reading about suEXEC but I either was'nt able to understand it or could'nt get the examples to work. I'd really like open user accounts via the example shown above and keep it simple rather than turning this into a crash-course in rocket science.

Is this possible (or can I *make* it possible with a little adaptation) and what are some of the things I need to be concerned about?. I want to keep users separated from each other and most importantly, from the server itself. Each user will have their own FTP account that only allows access to their folder but I'm sure there is something else I need to do here.

Thank's