The execute bit is set. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Stuart J. Newman Engineer 4; Systems Solar Dynamics Observatory (SDO) Honeywell Technology Solutions Inc NASA/Goddard Space Flight Center Building 14, Room E222 Mail Stop 428.2 Greenbelt, MD 20771 Office: (301) 286-5145 EMail: Stuart.J.Newman@xxxxxxxx ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This communication, including any attachment, contains information that may be confidential or privileged, and is intended solely for the entity or individual to whom it is addressed. If you are not the intended recipient, please notify the sender at once, and you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message is strictly prohibited. Nothing in this email, including any attachment, is intended to be a legally binding signature. > -----Original Message----- > From: Tom Evans [mailto:tevans.uk@xxxxxxxxxxxxxx] > Sent: Wednesday, April 03, 2013 08:03 > To: users@xxxxxxxxxxxxxxxx > Subject: Re: file extensions for CGI > > Is the file executable - ie "does it have it's exec bit set", not "is > it a program". > > Cheers > > Tom > > On Wed, Apr 3, 2013 at 12:03 PM, Newman, Stuart J. > (GSFC-444.0)[HONEYWELL TECHNOLOGY SOLUTIONS INC] > <stuart.j.newman@xxxxxxxx> wrote: > > I am using RedHat 6.4 with Apache 2.2.15. I send a wget request to > > the server for /cobbler/pub/foo.to. The server returns a 403 status. > > > > > > > > The access_log entry is: > > > > > > > > 129.165.8.75 - - [02/Apr/2013:11:46:44 +0000] "GET > /cobbler/pub/foo.to > > HTTP/1.0" 403 220 "-" "Wget/1.10.2 (Red Hat modified)" > > > > > > > > The error_log entry is: > > > > > > > > [Tue Apr 02 11:46:44 2013] [error] [client 129.165.8.75] Options > > ExecCGI is off in this directory: /var/www/cobbler/pub/foo.to > > > > > > > > The modsec_audit.log is the most complete: > > > > > > > > --cae3ab09-A-- > > > > [02/Apr/2013:11:48:47 +0000] UVrFn4GlCCkAAFj@O8UAAAAD 129.165.8.75 > > 46737 > > 129.165.8.41 80 > > > > --cae3ab09-B-- > > > > GET /cobbler/pub/foo.to HTTP/1.0 > > > > User-Agent: Wget/1.10.2 (Red Hat modified) > > > > Accept: */* > > > > Host: cobbler > > > > Connection: Keep-Alive > > > > > > > > --cae3ab09-F-- > > > > HTTP/1.1 403 Forbidden > > > > Content-Length: 220 > > > > Connection: close > > > > Content-Type: text/html; charset=iso-8859-1 > > > > > > > > --cae3ab09-E-- > > > > > > > > --cae3ab09-H-- > > > > Apache-Error: [file > > "/builddir/build/BUILD/httpd-2.2.15/modules/generators/mod_cgi.c"] > > [line 168] [level 3] Options ExecCGI is off in this directory: > > /var/www/cobbler/pub/foo.to > > > > Apache-Handler: cgi-script > > > > Stopwatch: 1364903327323156 1714 (- - -) > > > > Stopwatch2: 1364903327323156 1714; combined=59, p1=17, p2=37, p3=0, > > p4=0, p5=5, sr=0, sw=0, l=0, gc=0 > > > > Response-Body-Transformed: Dechunked > > > > Producer: ModSecurity for Apache/2.7.1 (http://www.modsecurity.org/). > > > > Server: Apache > > > > Engine-Mode: "ENABLED" > > > > > > > > --cae3ab09-Z— > > > > > > > > My question is why Apache considers a file with a “.to” extension to > > by a CGI script? > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > ~~~~~~~~~~~~~~~~~~~~~~ > > > > Stuart J. Newman > > Engineer 4; Systems > > > > Solar Dynamics Observatory (SDO) > > > > > > > > Honeywell Technology Solutions Inc > > > > NASA/Goddard Space Flight Center > > > > Building 14, Room E222 > > > > Mail Stop 428.2 > > > > Greenbelt, MD 20771 > > > > > > > > Office: (301) 286-5145 > > > > EMail: Stuart.J.Newman@xxxxxxxx > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > ~~~~~~~~~~~~~~~~~~~~~~ > > NOTICE: This communication, including any attachment, contains > > information that may be confidential or privileged, and is intended > > solely for the entity or individual to whom it is addressed. If you > > are not the intended recipient, please notify the sender at once, and > > you should delete this message and are hereby notified that any > > disclosure, copying, or distribution of this message is strictly > > prohibited. Nothing in this email, including any attachment, is > intended to be a legally binding signature. > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|