Re: mod_actions (patch and questions)

[Randy Terbush <ra...@zyzzyva.com>]

> And another question... what's a good example use of this module. 
> Something we can stick in srm.conf-dist along with a cgi-bin thing, to
> give an example. The best one, imagemaps, is already built into the
> server, as are server-side includes, another candidate. Anyone got any
> good ideas? 
> 

My initial thought for a use of this was to exec cgi-wrapper for all
CGI scripts. However, it looks like the current cgi-wrapper code
requires scripts to be in a certain directory. I prefer the just allowing
.cgi.  After looking through the cgi-wrapper code, it seems to me that
it would be nice to add the same type of checking into mod_cgi. We
could even add a .scgi to force certain scripts to be "secure".

What I really want to accomplish is a way to set the userid for
CGI scripts. This helps considerably with setting up database access,
etc. I don't want to have 100+ different servers running to accomplish
this. I keep falling back to the SetEUID patches as the solution.
There has got to be a way to make this secure. I am beginning some
more serious testing of these patches. Has anyone else tried them?