hiya, On Mon, Sep 22, 2008 at 10:06:35AM +0200, Andreas Tille wrote: > I wonder what might be the apropriate implementation in Debian because > I do not know that there is anything like a "password-protected cgi-bin > directory". Has anybody solved a similar problem or is there some > advise to do this reasonably?
my advice is that you put the "cgi-bin" binaries in a directory solely for
your own package, i.e. /usr/lib/<pkg>/cgi-bin . then you can set up a
default htaccess file and apache configuration under etc and leave it to the
admin to configure it (or do so via debconf if you want to be fancy).
i would strongly recommend against putting anything in /usr/lib/cgi-bin,
as use of this directory should be deprecated[1].
sean
[1] yes, i know that (normal, not webapps) policy still points at it and some
packages may still use it, but it should go away regardless.
--
signature.asc
Description: Digital signature
