Jefferson Ogata wrote:
On 2010-09-09 20:33, Daryl Tester wrote:
This works as it should, but a side effect is that Action is exposing http:///cgi-bin/php5 to the outside world (which barfs when accessed directly). Access permissions on the cgi-bin directory appear to get propagated to the resources I'm trying to "handle", so that doesn't help.
That sounds like a potentially extremely dangerous configuration. I wonder what happens when you POST to that CGI.
Bear in mind that this is Ubuntu 10.04's *default* location for php in their php5-cgi package (potentially copied from Debian - I neither know nor care any more about these arbitrary distinctions), so this wasn't something I'd set up. It didn't help that FastCGI's canonical configuration of supporting script handlers is by forcing the interpreter to live in URL accessible space either (see use of Action directive at <http://www.fastcgi.com/drupal/node/5?q=node/10>, and other PHP+FastCGI documents). To "fix" this issue, I've subsequently discovered the mod_fcgid module which allows me to have an AddHandler without Action directive, so now my interpreters are existing well outside of access from URLs. Now I'm a moderately happy camper (or at least, sleeping slightly better at night). Cheers. -- Regards, Daryl Tester "It's bad enough to have two heads, but it's worse when one's unoccupied." -- Scatterbrain, "I'm with Stupid." --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|