You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Andrew Tucker <a....@katamail.com> on 2000/08/04 00:57:24 UTC

[Apache::asp] Secure execution of scripts by users

A simple (well, maybe not exactly) question: is there a way to allow normal users to run their custom ASP scripts without endangering too much system's security (such as apache suexec or php's safe mode, or even cgiwrap..)? Thanks in advance,

Andrew Tucker

___________________________________________________
Se vuoi un indirizzo di posta elettronica gratuito, 
iscriviti a http://www.katamail.com

Re: [Apache::asp] Secure execution of scripts by users

Posted by Joshua Chamas <jo...@chamas.com>.

Andrew Tucker wrote:
> 
> A simple (well, maybe not exactly) question: is there a way to allow normal users to run their custom ASP scripts without endangering too much system's security (such as apache suexec or php's safe mode, or even cgiwrap..)? Thanks in advance,
> 

If the CGI method of running ASP ever finally worked
completely, you could try that.  The cgi/asp script
is the place to start with that in mind.  It doesn't
process POST input last I left off with it.

The other way you can more safely have separate users
run Apache::ASP, as with mod_perl in general, is to have
per user web servers running on high ports, and have a 
mod_proxy front end forwarding requests back to each.

This will require more RAM & admin headaches to host each 
user, but will give them the benefits of mod_perl & ASP!

-- Joshua