You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Stand H <hs...@yahoo.com> on 2003/07/14 09:38:38 UTC
[users@httpd] CGI script
Hi all,
>From apache documentation:
Syntax: Options [+|-]option [[+|-]option] ...
Context: server config, virtual host, directory,
.htaccess
and
ExecCGI
Execution of CGI scripts is permitted.
<VirtualHost www.myvirtualhost.com>
ServerAdmin webmaster@myvirtualhost.com
ServerName www.myvirtualhost.com
ServerAlias myvirtualhost.com
DocumentRoot /web/myvirtualhost/htdocs
ErrorLog logs/error_log
TransferLog logs/access_log
Options Includes ExecCgi
I put a cgi script, called it myscript.cgi, on my
virtual web root. With "Options Includes ExecCgi" I
expected myscript.cgi could be executed on my virtual
document root but it couldn't unless I created
<Directory /web/myvirtualhost/htdocs> and put "Options
Includes ExecCgi" in it.
I got an error message
"Options ExecCGI is off in this directory:
/web/myvirtualhost/htdocs/myscript.cgi"
>From the documentation I think I can execute cgi
script on my virtual-host's document-root when I have
Options ExecCgi in <VirtualHost> directive.
I'm not clear, so please anyone explain to me more.
Thanks,
Stand
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] CGI script
Posted by Stand H <hs...@yahoo.com>.
Hi,
"Options Includes ExecCgi" is in virtual host section
so it should override the options in <Directory />
which is in server config section.
Who know why?
Thanks,
Stand
--- Stand H <hs...@yahoo.com> wrote:
> Hi,
>
> It works after I comment all of the below
> directives.
>
> <Directory />
> Options FollowSymlinks
> AllowOverride AuthConfig FileInfo Indexes
> Limit Options
> </Directory>
>
> I have another question. Does it apply to all the
> subdirectories under / dir? If so, the default
> configuration of appache is not secure as it has
> "Options FollowSymlinks" in <Directory /> which
> allow
> the server to follow symbolic link in any
> directories
> under /.
>
> Thanks,
>
> Stand
>
>
> --- Aaron W Morris <aa...@mindspring.com>
> wrote:
> > Do you have any <Directory> statements that are
> > using extended regular
> > expressions?
> >
> > On Mon, 2003-07-14 at 03:38, Stand H wrote:
> > > Hi all,
> > >
> > > >From apache documentation:
> > >
> > > Syntax: Options [+|-]option [[+|-]option] ...
> > > Context: server config, virtual host, directory,
> > > .htaccess
> > >
> > > and
> > >
> > > ExecCGI
> > > Execution of CGI scripts is permitted.
> > >
> > > <VirtualHost www.myvirtualhost.com>
> > > ServerAdmin webmaster@myvirtualhost.com
> > > ServerName www.myvirtualhost.com
> > > ServerAlias myvirtualhost.com
> > > DocumentRoot /web/myvirtualhost/htdocs
> > > ErrorLog logs/error_log
> > > TransferLog logs/access_log
> > > Options Includes ExecCgi
> > >
> > >
> > > I put a cgi script, called it myscript.cgi, on
> my
> > > virtual web root. With "Options Includes
> ExecCgi"
> > I
> > > expected myscript.cgi could be executed on my
> > virtual
> > > document root but it couldn't unless I created
> > > <Directory /web/myvirtualhost/htdocs> and put
> > "Options
> > > Includes ExecCgi" in it.
> > > I got an error message
> > > "Options ExecCGI is off in this directory:
> > > /web/myvirtualhost/htdocs/myscript.cgi"
> > >
> > > >From the documentation I think I can execute
> cgi
> > > script on my virtual-host's document-root when I
> > have
> > > Options ExecCgi in <VirtualHost> directive.
> > >
> > > I'm not clear, so please anyone explain to me
> > more.
> > >
> > > Thanks,
> > >
> > > Stand
> >
> > --
> > Aaron W Morris <aa...@mindspring.com>
> (decep)
> >
> >
>
---------------------------------------------------------------------
> > The official User-To-User support forum of the
> > Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html>
> for
> > more info.
> > To unsubscribe, e-mail:
> > users-unsubscribe@httpd.apache.org
> > " from the digest:
> > users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail:
> > users-help@httpd.apache.org
> >
>
>
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! DSL - Now only $29.95 per month!
> http://sbc.yahoo.com
>
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] CGI script
Posted by Stand H <hs...@yahoo.com>.
Hi,
It works after I comment all of the below directives.
<Directory />
Options FollowSymlinks
AllowOverride AuthConfig FileInfo Indexes
Limit Options
</Directory>
I have another question. Does it apply to all the
subdirectories under / dir? If so, the default
configuration of appache is not secure as it has
"Options FollowSymlinks" in <Directory /> which allow
the server to follow symbolic link in any directories
under /.
Thanks,
Stand
--- Aaron W Morris <aa...@mindspring.com> wrote:
> Do you have any <Directory> statements that are
> using extended regular
> expressions?
>
> On Mon, 2003-07-14 at 03:38, Stand H wrote:
> > Hi all,
> >
> > >From apache documentation:
> >
> > Syntax: Options [+|-]option [[+|-]option] ...
> > Context: server config, virtual host, directory,
> > .htaccess
> >
> > and
> >
> > ExecCGI
> > Execution of CGI scripts is permitted.
> >
> > <VirtualHost www.myvirtualhost.com>
> > ServerAdmin webmaster@myvirtualhost.com
> > ServerName www.myvirtualhost.com
> > ServerAlias myvirtualhost.com
> > DocumentRoot /web/myvirtualhost/htdocs
> > ErrorLog logs/error_log
> > TransferLog logs/access_log
> > Options Includes ExecCgi
> >
> >
> > I put a cgi script, called it myscript.cgi, on my
> > virtual web root. With "Options Includes ExecCgi"
> I
> > expected myscript.cgi could be executed on my
> virtual
> > document root but it couldn't unless I created
> > <Directory /web/myvirtualhost/htdocs> and put
> "Options
> > Includes ExecCgi" in it.
> > I got an error message
> > "Options ExecCGI is off in this directory:
> > /web/myvirtualhost/htdocs/myscript.cgi"
> >
> > >From the documentation I think I can execute cgi
> > script on my virtual-host's document-root when I
> have
> > Options ExecCgi in <VirtualHost> directive.
> >
> > I'm not clear, so please anyone explain to me
> more.
> >
> > Thanks,
> >
> > Stand
>
> --
> Aaron W Morris <aa...@mindspring.com> (decep)
>
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] CGI script
Posted by Aaron W Morris <aa...@mindspring.com>.
Do you have any <Directory> statements that are using extended regular
expressions?
On Mon, 2003-07-14 at 03:38, Stand H wrote:
> Hi all,
>
> >From apache documentation:
>
> Syntax: Options [+|-]option [[+|-]option] ...
> Context: server config, virtual host, directory,
> .htaccess
>
> and
>
> ExecCGI
> Execution of CGI scripts is permitted.
>
> <VirtualHost www.myvirtualhost.com>
> ServerAdmin webmaster@myvirtualhost.com
> ServerName www.myvirtualhost.com
> ServerAlias myvirtualhost.com
> DocumentRoot /web/myvirtualhost/htdocs
> ErrorLog logs/error_log
> TransferLog logs/access_log
> Options Includes ExecCgi
>
>
> I put a cgi script, called it myscript.cgi, on my
> virtual web root. With "Options Includes ExecCgi" I
> expected myscript.cgi could be executed on my virtual
> document root but it couldn't unless I created
> <Directory /web/myvirtualhost/htdocs> and put "Options
> Includes ExecCgi" in it.
> I got an error message
> "Options ExecCGI is off in this directory:
> /web/myvirtualhost/htdocs/myscript.cgi"
>
> >From the documentation I think I can execute cgi
> script on my virtual-host's document-root when I have
> Options ExecCgi in <VirtualHost> directive.
>
> I'm not clear, so please anyone explain to me more.
>
> Thanks,
>
> Stand
--
Aaron W Morris <aa...@mindspring.com> (decep)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org