'[users@httpd] Re: Re: cgi scripts outside of cgi-bin'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-httpd-users
Subject:    [users@httpd]  Re: Re: cgi scripts outside of cgi-bin
From:       "Christopher J. Bottaro" <cjbottaro () alumni ! cs ! utexas ! edu>
Date:       2005-12-15 22:07:42
Message-ID: dnsp7g$mjt$1 () sea ! gmane ! org
[Download RAW message or body]

Joshua Slive wrote:

> On 12/15/05, Boyle Owen <Owen.Boyle@swx.com> wrote:
> 
>> Sadly, your program is not. The error message means that the script did
>> not produce the required CGI header information before any other data.
> 
> This is not quite the right direction.  In this case, the premature
> end of script headers is caused by a failure of suexec to launch the
> script because suexec's security restrictions were not met:
> 
>> > suexec.log says this:
>> >
>> > [2005-12-13 15:03:19]: uid: (501/sti) gid: (501/501) cmd: upload.cgi
>> > [2005-12-13 15:03:19]: directory is writable by others:
>> > (/home/sti/public_html/tragence/webapp/interfaces/weblib/pb_upload)
> 
> So he either needs to fix that problem (make the directory not
> writable by others) or disable suexec (find the binary and change its
> name).

The weird thing is that 'others' can't write to that dir:

$ ls -ld /home/sti/public_html/tragence/webapp/interfaces/weblib/pb_upload
drwxrwxr-x  3 sti sti 4096 Dec 15
15:42 /home/sti/public_html/tragence/webapp/interfaces/weblib/pb_upload

If I chmod it to 770, apache complains that it doesn't have permissions to
read the the cgi file (obviously).

The other weird thing is that apachectl -V says that suexec is
in /usr/sbin/suexec...but strangely enough, that file doesn't exist.

Also, to answer Owen's question...I simply cp'ed the script out of cgi-bin
to the aforementioned location.  No changes at all were made to the script. 
It works when in cgi-bin, but not outside of there.

> Joshua.

Thanks for the help,
-- Christopher


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic