You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Ged Haywood <ge...@jubileegroup.co.uk> on 2004/03/17 11:29:15 UTC

Re: Installation / Configuration Questions

Hi there,

On Tue, 16 Mar 2004, Mr. Egomaniac wrote:

> I realize that this might be a newbie/already answered question

:)

> I've looked all over and can't seem to find anything that will help.

Well you didn't search the list archives very thoroughly... :)

http://www.gossamer-threads.com/perl/mailarc/gforum.cgi?post=114129;search_string=total%20newbie%20question;guest=2622237&t=search_engine#114129

And you didn't read the documentation about reporting problems:

http://perl.apache.org/docs/1.0/guide/help.html#How_to_Report_Problems

I make that 9,213 including the list signatures. :)

http://www.gossamer-threads.com/perl/mailarc/gforum.cgi?post=114085;search_string=10%2C000;guest=2622237&t=search_engine#114085

> 3) my http is as normal:
>
> Alias /perl/ /www/mod_perl/
> <Location /perl/>
>         SetHandler perl-script
>         PerlHandler Apache::Registry
>         Options +ExecCGI
>         #PerlSendHeader On
>         #allow from all
> </Location>

Not sure what 'normal' is.  You mean you're using Apache::Registry normally?

> 4) My mod_perl directory has permissions that should allow a browser to
> read/execute from it:
>     drwxr-xr-x    3 root     root         4096 Mar 11 13:10 mod_perl/

What about the directories above it?

> 5)  my script works in the mod_perl directory
>     !/usr/bin/perl
>     print("content-type: text/html\n\n");
>     print("<H1><Center>Hello World</CENTER><h1>\n");

That script has a serious error.  I'll leave you to find it.
Did you type it in by hand (never do that) or did you grab it
using copy/paste or an editor (always do that).

> 6) with appropriate permissions:
>     rwx------    1 nobody   nogroup       103 Mar 16 18:07 test.pl*

If that script ever can be run, and if the user 'nobody' can change
that script, then you can expect that user to have rooted your server.
Do please read up on security in Apache and mod_perl.  Make scripts
writeable only by root and readable/executable by the Apache uid/gid.
You haven't given the bits of httpd.conf which tell us what user and
group are used for the Apache children so I don't know if 'nobody' and
'nogroup' are right.

73,
Ged.

-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html